Asset Service Protection
- Last updated
- Save as PDF
This topic describes how to execute the PowerShell scripts included with security patch DE27964_Assets_Service_Protection.
This patching process does not require any downtime. It is a configuration change, and it takes effect without interrupting your services.
This patch includes two PowerShell scripts. Use the proper script for your Spok Mobile server. The scripts are:
AddProtection4X.ps1
for Spok Mobile 4.0 and laterAddProtection35.ps1
for Spok Mobile 3.5
If you make a mistake, see step 2a below for more instructions about how to restore your configuration file.
To implement this patch, do the following:
- Download the patch files to the mobile server assets directory, usually
C:\inetpub\wwwroot\AMC\Assets
.- For Spok Mobile 3.5, download both
AddProtection35.ps1
andAmcom.Security.OAuth.dll
- For Spok Mobile 4.0 and above, download only
AddProtection4X.ps1
- For Spok Mobile 3.5, download both
- Create a backup copy of the file
C:\inetpub\wwwroot\AMC\Assets\web.config
(or backup the whole directory)- If you make a mistake and need to restore your system, replace the
web.config
file with the backup copy that you just made.
- If you make a mistake and need to restore your system, replace the
- Open a PowerShell console as an administrator and navigate to the script directory (for example, by running
cd C:\inetpub\wwwroot\AMC\Assets
). - In the Assets directory, execute the script by typing
.\<filename>
where <filename> is the name of the script.- For Spok Mobile 3.5 run
.\AddProtection35.ps1
- For Spok Mobile 4.0 and later, run
.\AddProtection4X.ps1
- For Spok Mobile 3.5 run
- Depending on your PowerShell execution policy, you might be restricted in various ways.
- You might be allowed to execute the script without any alerts or notifications. This means that the script ran successfully.
- You might be asked to confirm that you want to run the script because the publisher is untrusted. In this case, type R and then press Enter to run the script once.
- You might be blocked from executing the script.
In this case, change your PowerShell execution policies by doing the following:- At the Powershell console, execute
Set-ExecutionPolicy AllSigned
- Confirm by typing A and then press Enter.
- Execute the script as shown in step 4.
- At the Powershell console, execute
- You might be warned that the hash of the file does not match the hash stored in the signature.
This indicates that the file has been changed and cannot be trusted. Do not execute the script.
- You might be allowed to execute the script without any alerts or notifications. This means that the script ran successfully.
- To validate that the script ran successfully, launch a web browser and attempt to load the URL
https://<mobile_domain_name>/AMC/Assets/Assets/v1-0/
Assets
.
If the script executed properly, you will receive the errorHTTP Error 401.0 - Unauthorized
. - Upgrade all of your mobile clients to the latest version of Spok Mobile. This will allow you to upload or download assets and files.
If you are using a load-balanced setup, ensure that you have applied the script to all mobile servers.