After creating some content, you'll need to consider your site's security. Before you dive into locking down specific pages, it's important to understand how security works with MindTouch.
Let's put this into a metaphor. Imagine site privacy is the lock on the front door of a house. Maybe people can walk right in or maybe you've got a full dead bolt system on the front door. Once you get into the house, you're a certain type of person or user. As a user, you may be a house guest, a maintenance man, a teenager living in the house or a parent paying the bills.
You could then consider the different personas of people who enter the house as groups—maybe guests, maintenance, occupants and owners.
Who can get into which room? That is where restrictions and permissions enter. Some rooms may be open to everyone (Public), while others may be locked down (Private). Once a room is locked, as a blanket rule only those with a key can enter. Maybe you've locked a room full of Christmas presents and given a key to only maintenance men and owners of the house. Best of all—those users don't even need to pull out their keys to get into locked rooms. Our room locks perform a bio-scan and unlock for only the right people automatically.
If you don't have the right DNA, you won't even know the door exists. And you can't miss what doesn't exist.
The umbrella approach
MindTouch security options should be considered with a top-down approach. Essentially there are three (3) levels of security:
- Site privacy
- User types, roles and groups
- Page restrictions
- Your site is either public or private.
- A public site allows all users to view public content, even without logging in.
- A private site requires all users to log in. Always.
- Site-wide privacy is determined in the control panel and applies to the entirety of your site.
- Best practice: Set your site to public and privatize specific content as needed. This will allow you to benefit from our built-in search engine optimization (SEO). That's right—using MindTouch can drive your corporate entity's SEO—organically.
User types, roles and groups
- When you create users in the control panel, you grant them specific access and functionalities across the entire site.
- Best practice: Only grant the highest role absolutely necessary in the control panel and grant higher roles on individual pages and sections through page restrictions as necessary.
- Restricts or grants access to specific pages or entire sections.
- As you restrict or grant a user's access to a page, you are essentially overwriting whatever access the user was granted by the control panel.
- Provisionally add access for specific users for individual pages or sections as needed.
What about admins?
Great question. Remember—admins are the exception to the rule. They're omniscient, and you can never hide anything from them. Choose wisely.
I need a little more
We get it—security is not something to take lightly.
► Review our extended documentation
Go here next!