Restricting pages to attached domain
Permalink Browser Info Environment
Is there a way to restrict pages to be visible only via the attached domain?
| Type: | Discussion |
|---|---|
| Status: | Resolved |
Oh, right.
I was using an unmapped domain to access pages and that got me unwanted results.
After mapping all of my domains pages seem to be properly restritcted.
However, I need to set viewing permission to private on the main site and that setting propagates to other domains too. Is there a way to set the main domain to private and subdomains public without htaccess trickery?
I was using an unmapped domain to access pages and that got me unwanted results.
After mapping all of my domains pages seem to be properly restritcted.
However, I need to set viewing permission to private on the main site and that setting propagates to other domains too. Is there a way to set the main domain to private and subdomains public without htaccess trickery?
I would suggest having a parent page in the sitemap for all your mapped sites. This way you could also restrict access through the concrete5 permissions easily:
- Set the restricted permissions on the root page level
- Set public permissions on the "mapped sites" parent page
By default, all pages in concrete5 are set to inherit their permissions from their parent page if the permissions haven't been modified for that page. So, after such setup all your root level pages should be restricted and all the pages under "mapped sites" would be publicly accessible.
- Set the restricted permissions on the root page level
- Set public permissions on the "mapped sites" parent page
By default, all pages in concrete5 are set to inherit their permissions from their parent page if the permissions haven't been modified for that page. So, after such setup all your root level pages should be restricted and all the pages under "mapped sites" would be publicly accessible.
That was easy indeed and all is well.
Thanks.
Thanks.
Except I can still access a page under a mapped site using the main domain without logging in.
Login prompt is visible only on the root level.
Login prompt is visible only on the root level.
Oh yeah, this is very true.
I think this might be good improvement in the add-on but for now as a quick fix, I think the htaccess is the easiest way to avoid this.
In the version for 5.6 we had a feature that forced these pages to be served from their correct domains but for some reason (I cannot remember at the moment) we decided to drop this off from this version.
We'll take this on the table and think whether it would make sense to add it back.
I think this might be good improvement in the add-on but for now as a quick fix, I think the htaccess is the easiest way to avoid this.
In the version for 5.6 we had a feature that forced these pages to be served from their correct domains but for some reason (I cannot remember at the moment) we decided to drop this off from this version.
We'll take this on the table and think whether it would make sense to add it back.
This feature is now available in the latest version of the add-on 2.3.0.
You can find it under the common settings of the add-on (other one of the redirection settings). For new installations, this setting is enabled by default but for old installation, it needs to be manually enabled.
You can find it under the common settings of the add-on (other one of the redirection settings). For new installations, this setting is enabled by default but for old installation, it needs to be manually enabled.
If you mean that you are using the "allow from all domains" attribute for some page and would like to allow that only to specific domains, unfortunately this is not a feature of this add-on.
Of course, this is always possible through custom code.
Antti / Mainio