Restrict access to a website while it's under development


(Rob Beattie) #1

Usually I simply place a website that I’m building onto one of my obscure fish-related URLs and then transfer it across to the real thing when I’m ready.

With this site however there are some reasons why I’d like to get it on the real URL sooner rather than later, so I’m looking for a way of ‘hiding’ it from anyone who might inadvertently stumble across it. There are no secrets, it’s just to prevent anyone seeing the development site.

I’d like to keep it simple - really simple - and wondered what people thought was the best way to do this? Ideally so when the time comes I can ‘flick a switch’ and it’s all there, visible and ready to go.

Like I said, really simple. :sunglasses:

TIA

Rob


(ben) #3

Why not just do some basic authentication via .htaccess & .htpasswd files — it’s super quick and easy to setup a login for any/all pages.

When you’re ready to go live, just remove the .htaccess.

We’ve got a tutorial for setting up Basic Authentication with .htaccess on the RapidWeaver Community site.


(mark hunter) #4

Rob

Not sure who you host with, but if it’s Chillidog they have a really easy and neat way of password protecting a site in their control panel. You can give access to your client so they can review during build, and when it’s time to go live you just remove the password.

I didn’t know it was there until I stumbled across it one day!

Regards

Mark


(Rob Beattie) #5

Well wiggle my webs and call me shaky…I do use Cdog. I’ll check it out.

having spent an hour messing with .htaccess and .htpasswd, I suspect this will be a much easier option for the likes of me.

Cheers @mark

Rob


(scott williams) #6

Just put it behind pagesafe


(mark hunter) #7

It is indeed Rob, and I’ve been there too. The ‘Directory Privacy’ setting is what you are looking for in the Control Panel, if you haven’t found it yet.

Regards

Mark


(Rob Beattie) #8

Once you’ve set it up, do you know how long the folder stays protected for? Until the next visit, until the browser cache is cleared or some other variation?

Thanks

Rob


(mark hunter) #9

Server Side - the folder stays protected for as long as you have the password applied to the folder in the Control Panel.

Browser Side - It appears to me that for a user who enters a correct password they then don’t have to re-enter the password until the browser cache is refreshed, but @barchard would probably need to confirm that.

Regards

Mark


(Gregory Barchard) #10

It should be once the browser is quit or closed.


(Rob Beattie) #11

Sounds like the way to go. I’ll check it out later today.

Rob


(Gabrielle Vickery) #12

I pop in a sitemap plus page and it has a button you can tick to ‘disable search engines’. I assume that works!
Can anyone verify that this is how sitemap plus works?


(Ben Berwers) #14

For me it works with a RW site to place the site under development simply in a sub-folder, leave the main folder empty and eventually restrict search engines.
In the end, delete the site under development and re-publish.


(Joe Workman) #15

My PageSafe stack is very useful for this. Add it to your pages and you can protect your pages with a password or pin. https://joeworkman.net/rapidweaver/stacks/page-safe

I also like developing everything under a subdomain. I prefer that to a subfolder myself. You may also want to make sure that you setup a robots.txt so that search engines do not source that new test site.


(Rob Beattie) #16

Can a single instance of PageSafe protect an entire site Joe?

Thanks

Rob


(Joe Workman) #17

You have to place the PageSafe stack on every page. This is pretty easy to do with partials. But PageSafe is smart enough so that no matter what page you log into, you only have to login once.


(scott williams) #18

LOL, That’s what I said… Sorta :grin:


(Rob Beattie) #19

Well I have PageSafe, but didn’t realise this. Thanks.


(Joe Workman) #20

To get the logins between pages to integrate, you simply need to set the pagesafe ID to be the same. If you use different pagesafe Ids, then the logins are kept separate and you will need to know the passcode for each.


(Rob Beattie) #21

I’ve just implemented this and it works perfectly - and is much easier for a klutz like me to cope with.

Cheers

Joe