Walled Garden access

I am running my site in walled garden mode and everything was fine till I had a requirement to make blogs view only public. I was able to make blogs public through external pages plugin and/or public pages plugin. My problem though is now blogs are not created with Public access in walled garden mode, they are always private, friends and logged in. Can I create blogs with public access in walled garden mode?

The only work around I have now is making site public, create blog, and make site private back again.

Thanks in advance for any solutions.

  • Wow, this is not easy to understand!

    Could you please help me understand the difference between "item" and "page", in this context?

    When I tried posting a news item or page (?), there was no "Public" option in the menu. The url created was: news/view/83/test

    And, where does that string $add[]= 'news/.*';  go?


  • "The walled garden blocks access for logged-out visitors on page level."
    "if your site is in walled garden mode but you want certain content items still be visible for logged out visitors you need to make the page they are shown on a public page."

    These two sentences seem to contradict each other. Isnt a "public page" at "page level"?

  • Looks like the loginrequired plugin does not work correctly.

    It's says "You must be logged in to view that page", in green, repeated many times down the page, clicking one of the menu links, which I prefer not to be shown on the login page, goes to a connection error page, and at the bottom of the login page, there is this message:

    WARNING: Deprecated in 1.9: The 'index', 'system' plugin has been deprecated. See elgg_front_page_handler() Called from [#4] /home/vol3_3/host.com/14_20595489/htdocs/elgg-2.3.3/vendor/elgg/elgg/engine/classes/Elgg/Router.php:60<br /> -> [#3] /home/vol3_3/host.com/14_20595489/htdocs/elgg-2.3.3/vendor/elgg/elgg/engine/classes/Elgg/Application.php:436
  • With content item I refer to any kind of posting (a blog, a file upload, etc.). For each of these postings / item you can set an item-specific access level (public, logged-in etc.). This access level defines who can see/access this item even without any walled garden in use. For example, a logged-out visitor won't be able to see/access a posting with logged-in access level. Nevertheless, the pages as where these content items are shown (like the page of all blogs listed) are not blocked. Just the items that the user has no sufficient access permissions will be missing in the list (or get blocked when trying to access them for example directly by the full url to the full view of a content item).

    The walled garden setting of Elgg (or the Loginrequired plugin) adds an additional barrier on page level. That means that any page that is not defined as public page is inaccessible for logged-out visitors. Even if a content item has public access level (item-specific) the page(s) where this item is shown is not accessible.

    If you make your site a walled garden site, you normally wouldn't want logged-out people to be able to access any pages except the pages that are absolutely necessary (e.g. register and login pages, about/terms/privacy pages). If you want people to be able to access additional pages, you need to customize the code according to your requirements.

    In the Loginrequired plugin in start.php there's the function login_required_default_allowed_list($hook, $type, $return, $params) where you can add additional pages (their urls) you want to be public. You can use the .* wildcard to make any pages that start with a certain url segment public, e.g.

    $add[] = 'news/.*';

    would make all pages public starting with the url yoursite.url/news regardless what comes in the url after the "news" part.

    As the public access level (on item level) is normally of no use on a walled garden site (you could select public access level but the page where the item would show up would still be inaccessible) the Loginrequired plugin removes the public access level from the access level selection. If you don't want this, you could either comment out the line

    elgg_register_plugin_hook_handler('access:collections:write', 'all', 'loginrequired_remove_public_access', 9999);

    in the init function in start.php of the Loginrequired plugin or you could change the loginrequired_remove_public_access() function to the following to allow only admins to select the public access level

    function loginrequired_remove_public_access($hook, $type, $accesses) {
        if (elgg_is_admin_logged_in()) {
            return $accesses;
        if (isset($accesses[ACCESS_PUBLIC])) {
        return $accesses;

    For group content the removal of the access level is done in the file mod/loginrequired/views/default/groups/edit/access.php. If you just remove this file, the public access level will be selectable for all users again.

    The Loginrequired plugin works perfectly fine as it is. But you need to make sure that you use the version of Loginrequired that I recommened for the corresponding version of Elgg. If you still get error messages then, the most likely reason is that you use some plugin(s) / a theme plugin that is either not fully compatible with the Elgg version you use or that it's necessary that you make one or more of the pages used by one or more of these plugins public. But that really depends on these 3rd party plugins in use and I can't give any specific help. Actually, the whole thing is really not that complicated even if it might requires a little bit of work to get it set up. As any customization is really a very site-specific issue (if you are not happy with the default behaviour) you really need to learn a little bit about how it works and maybe a tiny bit of coding on your own. That's nothing that can be fixed by someone else without access to your site (and if you need someone for that you need to hire someone).

  • Hello,

    Thanks for your response, I now understand it more clearly.

    Could you please tell me how I can customise the walled garden to add public pages? I think that will be the best way to do it.


  • I thought I already give some hints by linking to http://learn.elgg.org/en/stable/guides/walled-garden.html.

    Okay, so create a plugin (e.g. with plugin folder name "my_public_pages") that has the following manifest.xml and start.php files (only these two files necessary).


    <?xml version="1.0" encoding="UTF-8"?>
    <plugin_manifest xmlns="http://www.elgg.org/plugin_manifest/1.8">
        <name>My Public Pages</name>
        <description>Configure pages that are public in walled garden</description>
        <copyright>(C) iionly 2018</copyright>
        <license>GNU Public License version 2</license>

    and start.php

    elgg_register_event_handler('init', 'system', 'my_public_pages_init');
    function my_public_pages_init() {
        elgg_register_plugin_hook_handler('public_pages', 'walled_garden', 'my_public_pages');
    function my_public_pages($hook, $type, $pages) {
        // to make a page public add the url part of the page after your site url here
        // one public page per line
        // wild card .* can be used to make all pages public that match in the url part
        $pages[] = 'blog/.*';
        $pages[] = 'some_other_pagehandler/segment_x';
        return $pages;

    In the my_public_pages functions you need to define the public pages, i.e. add the url part after your site url of the page that is supposed to be public within the string on the right of "$pages[] =", one public page per line. As it's very likely that a plugin requires several pages to be public (the desired page build up by several "subpages") you could use the .* wildcard to make the configuration simplier.

    Just place the plugin folder with these two files in your mod directory and you can enable the plugin. That's all.

  • Iionly,

    You said that the walled garden already has some exceptions, that are publicly accessible, like the login page, password recovery page, etc. So these pages have been added to walled garden already, as exceptions. So I'm just asking where they have been added, so I can find it and add my own exceptions. That will be the easiest way for me, as I don't know how, and don't have enough time, to create my own plugin.

  • I just gave you all the code necessary to create the plugin. Just copy+paste the code into the files I gave you the names for and place the plugin then in the mod folder and you're done. Doing the customization (i.e. adding more public pages) just requires to add some lines.

    The default public pages are defined in the Elgg core code. And it's not recommended to change any core files because you will loose any changes if you update to a newer Elgg release and forget to backup your changes. And you would have to re-do the changes again and again with every update. That's what Elgg plugins are for. They are not only to add new functionality but also to customize Elgg according to your needs. And if you would modify Elgg core to define more public pages it wouldn't be any different than doing it with the plugin approach I outlined as the (minimal) changes to be done are the same. And if you make a mistake in changing the Elgg core files your site would be broken whereas you can simply disable a plugin if it doesn't work.

  • Hello,

    Yes, what you gave me above does seem to be very easy. So I tried it. I followed every instruction exactly. Unfortunately its not working. Is there any reason why  $pages[] = 'blog/owner/username?view=rss';   will not work?

    I've tried it and it says "you must be logged in to view that page".

  • For the rss viewtype to be accessible the default viewtype also needs to be accessible. So, try

    $pages[] = 'blog/owner/username';