Can I use Publii to create private / secret links?
-
March 3, 2023 at 10:22 pm #9476
[anonymous]
I am thinking of using Publii for a documentation that is not public but only accessible with a private link (similar to Google Docs). Everyone who has the private link can access a page or the entire site.
I am not sure if a workaround by just using random characters in the page URL will do it.
What do you think about that?
March 4, 2023 at 12:53 pm #9487[anonymous]
You can tick “Hide post” and “Exclude from homepage” in post editor, and it won’t be listed publicly.
March 4, 2023 at 1:13 pm #9488[anonymous]
Alright .. that’s what I thought .. and then just add a random URL mydocu.com/clientname-asdlj209u0s9d0942cj309
Not sure if I feel confident with that though
March 16, 2023 at 7:06 pm #9581[anonymous]
Just to add to what privii mentioned: the hide post and exclude options only apply to how your pages are displayed within your site. If your users need to access a directory or post listing, you shouldn’t hide your posts.
If your goal is to hide your entire website from search engines: go to your site settings, and under SEO, select “Noindex website”.
If you only want to hide certain pages/posts from search engines, set the Meta robots index to “noindex, nofollow” for each post.
Besides that, though, this won’t prevent people who shouldn’t access your site to view it if they get the link. Depending on how sensitive or private you really want the info to be, consider implementing some kind of password-protection or authentication. There are external options out there for static sites.
March 16, 2023 at 7:43 pm #9586[anonymous]
I notices already that Publii is perhaps not the ideal tool for that. There are no password protected pages / subpages.
It’s interesting though that many of us just share private links e.g. to Google Docs, and in the end, it’s just a secret URL. It wouldn’t be that difficult to create manually such kind of URL with random characters. That’s why my initial thought to just create a permalink with a random string to “simulate a secret link” in Publii
March 17, 2023 at 12:07 am #9589[anonymous]
Yeah, you can certainly make the slugs a series of random characters manually, but there’s no password-protection out of the box. It looks like it’s possible to do, but requires some external tools.
Password protection is available if you deploy using Netlify Pro (as well as other site protection options), and based on a quick Google search of “static site password protection”, there are a couple of options out there like StaticShield.
That said, your site could still be accessed if someone shared the password. As you’ve mentioned: a lot of what is seen as “private” or “secret” on the web is illusory. For example, it’s possible to share a photo from a private Facebook account with someone who isn’t signed in if you have the photo’s URL on the server. Granted, that link may dynamically change after a certain time, but the point remains: nothing is 100% safe…
March 17, 2023 at 8:29 am #9594[anonymous]
I just checked my initial post – maybe now it’s time to reveal the use case 🙂
My idea was to use Publii to make documentation for clients. Publii is easy to set up, it’s fast, easy to maintain, edit content, etc.
Initially, I thought about using Gitbook for documentation. I could use any tool for it, but there is one thing that I find interesting.
Some applications allow being integrated as iFrame within the WordPress backend. Notion for instance does not. But Publii does. That means I can make a client documentation within Publii, and just integrate it into the WordPress backend. The client just has the menu item in the WP backend “Documentation” and it shows the Publii site right in there.
It would not contain passwords or the like, but it still should not be something that is public.
That’s why I came up with the secret links that so many apps use. And I thought, well, a secret link would be something I could also create myself with random characters
March 17, 2023 at 3:01 pm #9599[anonymous]
Some interesting ideas.
Here’s one more to consider to create a membership website.
You could have two Publii websites with both possibly / probably using the same Publii theme:
– The publicly accessible site would be uploaded to: https://www.yourdomain.com/ = content open to everyone.
– All member-only content could be sync to: https://www.yourdomain.com/cgi-bin/members
All member-only content inside /members/ could be protected behind your membership access wall using https://www.willmaster.com/software/membersonly/index.php
One drawback: you would have a membership user database online in your web hosting, so that has some security implications to think about. Plus of course cookies implications, etc. But you can address these areas, strengthen security as your web host, plus deal with cookies implications in your Publii cookies options, terms of use / membership, privacy pages, etc.
Yes, this membership software solution uses PHP so might be considered by some to be somewhat dated, but it is stable, proven, should work well into the future, do what it promises, and be as secure as we would hope. Each member will have their own unique username (email address) and unique password they create when joining or registering.
I haven’t tested the combined solution yet but it looks like it could offer a promising ‘full membership website management’ option that might work well with Publii. The developer could probably help further.
Or, who knows, a Publii wizard might come up with a Publii plugin that does something similar 🙂 – though it seems like a lot of work for a plugin.
March 17, 2023 at 3:27 pm #9600[anonymous]
[anonymous] wrote:It would not contain passwords or the like, but it still should not be something that is public. That’s why I came up with the secret links that so many apps use. And I thought, well, a secret link would be something I could also create myself with random characters
Gotcha! If you only need a URL and a site that’s not public, you should be good to go with writing random slugs manually (or even using some kind of hash generator to do the work for you) and making sure to set the site to no-index.
If you ever need password-protection, it would be done on the WordPress side, I presume.
March 17, 2023 at 3:33 pm #9601[anonymous]
[anonymous] wrote:Some interesting ideas. Here’s one more to consider to create a membership website.
Thanks for sharing. I just wanted to mention: there are simpler (and cheaper) ways of implementing user authentication, some of which are open-source. I’ve listed some in another thread.
March 17, 2023 at 6:40 pm #9602[anonymous]
[anonymous] wrote:Some interesting ideas.
Here’s one more to consider to create a membership website.
It sounds like quite an overkill to go into a membership platform. Sound like a completely different solution / approach to me
March 17, 2023 at 6:42 pm #9603[anonymous]
[anonymous] wrote:Gotcha! If you only need a URL and a site that’s not public, you should be good to go with writing random slugs manually (or even using some kind of hash generator to do the work for you) and making sure to set the site to no-index.
Thanks for confirming .. I’ll experiment with it a bit and see if I can make something out of it because if I follow that approach I want only one single Publii setup for several client documentation. It’s just not worth it to set up a separate site on a subdomain for each client. In the end, it’s just a bit fancier documentation instead of PDF, so I can not invest too much and it must be simple to set up for each client.
Let’s see if I figure something out here 🙂
Thanks so far!
March 17, 2023 at 7:58 pm #9604[anonymous]
Maybe you can find a solution with PageCrypt ( https://www.maxlaumeister.com/pagecrypt/ )
For a documentation website you can check if docsify fits your goals ( https://docsify.js.org/ )
March 18, 2023 at 10:31 am #9606[anonymous]
[anonymous] wrote:Maybe you can find a solution with PageCrypt ( https://www.maxlaumeister.com/pagecrypt/ )
For a documentation website you can check if docsify fits your goals ( https://docsify.js.org/ )
Thanks. I thought I have seen most of the tools, but I think Docsify is new to me. Maybe it’s a good fit.