The WildFly application server comes with a powerful Admin Console that provides a user-friendly interface for managing and monitoring server resources. However, in some scenarios, you may want to disable the Admin Console to enhance security. This tutorial guides you through the process of disabling the Admin Console in WildFly or JBoss Enterprise Application Platform (JBoss EAP).
Disabling the Management Console in WildFly
Firstly, in order to disable the Web Console, connect to WildFly Command Line Interface:
./jboss-cli.sh -c
Then, execute the following Comand:
/core-service=management/management-interface=http-interface:write-attribute(name=console-enabled,value=false)
As you can see from the following screenshot, you need to reload the server configuration for changes to take effect:
This is the effect in your WildFly configuration after applying the change:
<management-interfaces> <http-interface http-authentication-factory="management-http-authentication" console-enabled="true"> <http-upgrade enabled="true" sasl-authentication-factory="management-sasl-authentication"/> <socket-binding http="management-http"/> </http-interface> </management-interfaces>
Then, after reloading, you should see the following command in WildFly Console:
19:03:11,255 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0060: Http management interface listening on http://127.0.0.1:9990/management 19:03:11,256 INFO [org.jboss.as] (Controller Boot Thread) WFLYSRV0054: Admin console is not enabled
As a matter of fact, if you try to access the Web Console, you should receive an error:
How to enable the Admin Console
If you want to re-enable the Admin Console, then you can set to true the attribute console-enabled
to true as follows:
/core-service=management/management-interface=http-interface:write-attribute(name=console-enabled,value=true)
Other strategies to disable the Admin Console
Besides the one discussed in this article, there are other strategies to disable the Admin Console of WildFly or JBoss EAP. For example, it is possible to remove it completely from the configuration as follows:
/core-service=management/management-interface=http-interface:remove()
However, if you need to re-enable it again you will have to re-create the full interface from scratch. Therefore, the best suggestion is to disable the single attribute. Besides, if you want to add extra security to your Management Interface without disabling it, check this article: Securing JBoss / WildFly Management Interfaces: the easy way
Conclusion: You have successfully disabled the Admin Console in WildFly. This additional security measure can be beneficial in production environments where direct access to the Admin Console is not required. Always ensure that you have alternative means of managing and monitoring your WildFly server after making such changes.