We have an environment with 4 nodes: 2 WEB and 2 Batch nodes. We have the WEB nodes exposed through a load balancer using an alias. However, the 2 batch nodes can be connected to when using the server names with port 8080. I do not want to allow access to those nodes to connect to the system. How can this be disabled?
@RonC0128 To disable web access for batch nodes in a Pega environment with 4 nodes (2 Web and 2 Batch), you can prevent direct access to the batch nodes by disabling the HTTP listener. In Dev Studio, go to Records > Integration-Resources > Service Listener, find the HTTP listener for batch nodes, and disable it. Alternatively, update the prconfig.xml file on batch nodes by adding <env name="http/disable" value="true" /> to block web access. Ensure the batch nodes are correctly classified with <env name="identification/nodeType" value="BATCH" />. You can also restrict access using firewall rules to block port 8080 or configure the load balancer to route traffic only to the web nodes. Additionally, you can enforce security policies using DSS like security/enableRequestorWhitelist to allow only specific IPs. Restart the batch nodes after making these changes for them to take effect.
@Sairohith Disabling the HTTP listener is not available as the service-listener is not available. Also, I set the following; however, this makes the stream nodes unreachable.
Check the below link and try in your batch node prconfig.xml:
This will block the standard login/pass connectivity.
Yet, keep in mind that this will also block your admin direct access to these nodes, so in case of an issue you'll be stuck as well.
Regards
Anthony