Hello,
I have installed the latest version of Elgg (via composer) on a VPS (Ubuntu 20.04 - Plesk Obsidian). It is a private family site (invite only) and hence I am using the Walled Garden. The data folder is outside httpdocs.
Ideally, I would like the site to be protected from indexing and bots. However, when I attempt to use http authentication, I run into problems, which I suspect might be Plesk taking control of the apache config files.
Could someone please give a few pointers:
a) Is it possible to use http authentication with Elgg?
b) How secure is Elgg in Walled Garden mode from indexing and those pesky bots?
Thanks in advance.
info@elgg.org
Security issues should be reported to security@elgg.org!
©2014 the Elgg Foundation
Elgg is a registered trademark of Thematic Networks.
Cover image by RaĆ¼l Utrera is used under Creative Commons license.
Icons by Flaticon and FontAwesome.
- VinceK@vincek
VinceK - 0 likes
- Jerome Bakker@jeabakker
Jerome Bakker - 0 likes
- VinceK@vincek
VinceK - 0 likes
You must log in to post replies.Not to worry, I've answered my own question.
I added AuthType Basic to .htaccess.
We haven't had any issues yet with our clients which use Walled Garden mode to protect their websites from the public eye.
In the admin section you can also configure the robots.txt which is used by the indexing bots, there you can make sure the bots don't try to index your site.
But since all unauthenticated responses are 403 the bots wont index those pages anyway
Thanks for the confirmation, Jerome. I ended up using authtype basic for site access and then email-only login for the walled garden.