For optimal performance of your server, use ACLs only when required.
The default server is configured with an ACL file containing the default ACL allowing write access to the server only to "all," and an es-internal ACL for restricting write access for "anybody." The latter protects the manuals, icons, and search UI files in the server.
The default obj.conf file has NameTrans lines mapping the directories that need to be read-only to the es-internal object, which in turn has a check-acl SAF for the es-internal ACL.
The default object also contains a check-acl SAF for the "default" ACL.
You can improve your server’s performance by removing the aclid properties from virtual server tags in server.xml. This stops any ACL processing.
You can also improve performance by removing the check-acl SAF from the default object for URIs that are not protected by ACLs.