Access Management
Autore: Gregory S.I have set up a website and have locked several pages. But there is info on the homepage I would also like locked. And rather than lock every page, I would rather have an login page where users can register up front and then login. This would save time and keep the whole site hidden until the user has a login.
It seems that the homepage cannot be locked. Not sure why. But I did notice there is an entry page. I thought this was the answer, but I do not see a way to get the imlogin.php?loginstatus=-3 page to appear to allow people to register/login. Is there a way to have people have to login or register before allowing them into any part of the website?
I have set access management to auto registration with a validating email. I have found that most of the time, the validating email ends up in people junk email or spam email when the receive it. Not realizing this, they don’t validate. Why does this email end up as junk rather than in someone inbox as it should?
What do you use for a send email in the access management? If it is a free email like yahoo.com or gmail.com, then this can happen. It is mandatory to use a domain email address as sending address!
There is a widget "Login & Logout" under the utilities that you can put in the header or on a special login page.
Autore
Hi Andreas. Thanks for your reply. I use Outlook 365 as the mail client, and set the email address in Website X5 to an @me.com address. @me.com is an apple address, but the same thing happens if I set it to my business email of @pc-pro.co. So there is an issue. Also, it would be less messy if instead of showing the code for the validation email, it was encapsuled in a big button that said Validate. That would be less intimadating, and may prevent the email from being deemed spam by the email client receiving the email.
I appreciate the widget can be added to the header. The issue is that the homepage is still exposed before logging in. I have information in the footer that I don't want seen by whoever lands there. Hence the reason for wanting site wide securuity rather that just locked pages. If the homepage locked, that would solve my issue. Or if it was possible to have different headers and footers on different pages, that too would work in my case. But nether seem possible.
Someone suggested I could lock the web site directory on the site server. That is likely true, but I do not know how to do this. I assume I would need console access and have a script that runs from the directory. I don't know how to code that. And I further assume who ever enters would all have to use the same password. So not the best solution in this situation.
Hello Gregory
In order to solve your issue, since I must confirm that by design the Homepage cannot be locked, is to hide the Header and/or Footer for the homepage only.
You can do so by going into the Properties section for the homepage in Step 3
With this, you can effectively use the homepage for login purposes only. You can do the same for the automatically generated login page.
About the email issue, WebSite X5 simply takes care of feeding the emails to the emailing server of the hosting.
Should all of your emails be considered spam by targeted mail clients, I would advise consulting the hosting provider directly to see if the reliability of the email for the domain can be improved
Verify all of this and keep me posted here
Thank you
Stefano
Autore
Andreas, I have tried several different email domains like my business, apple, my isp etc. All of the validation emails end up in the junk/spam box.
Autore
Stefano, your comment was useful. I added a bit on your idea to get it to work the way I had in mind. Thoughts?
Creating a site wide login page on WebsiteX5 and WebsiteX5 Pro
WebsiteX5 does not have a way to easily “push a button” and get site wide lock down behind a login. To get this, you must lock each page you don’t want someone who is not logged in to have access to. But, you are unable to lock the homepage. So if there is nothing on the homepage you don’t care if anyone can see, you can avoid doing anything else. As soon as the visitor clicks on a locked page, they will be presented with a login page.
But if there is stuff on the homepage you want to protect access to, there are two options. If the confidential information is only in the footer, you can turn the Footer off for the Homepage. See Option 1.
Option 1 (Turn off footer for homepage only.)
By design the Homepage cannot be locked. But Footers can be turned off for this unlocked page if desired.
If you have confidential information in the Footer only, you can do so by going into the Properties section for the homepage in Step 3
The next page selected that is locked from the menu in the header will prompt a login/register screen. The user must register once only and after that they can login.
If you also have confidential data in the Header, the process becomes more complex, and option 2 must be used.
Option 2 (Side wide lockdown behind a login)
The procedure below has you emulate a home page and hide and rename the original one. Let’s get started.
1. Hide the Home Page using the Sitemap Creation page.
From the Image Object page, click Display and set it as follows:
Since this button links to the new Home Page, and since the new Home Page is locked, it brings up the WebsiteX5 login/register page, imlogin.php?loginstatus=-3.
I pasted this from a Word .doc but it stripped the screen captures for each step and and renumbered the points. Everywhere it starts at 1 again had a screen capture removed from my document. So you do not get the full message unfortunately.
One idea. This would all be much simplier if the entry page did more than just detecting screen resolution and language. Given it is the landing page by default, why not make it a site wide login page. Once logged in using your imlogin.php?loginstatus=-3, it would drop you on the home page. This way, the using has a simple way of doing this that is more intuitive.
One other thing. When you turn the footer off as you suggest, it leaves the background colour of the footer on the left and right side of the screen. (What you refer to as extended view) I would have preferred it to have been removed as well given it is part of the footer.
Hello Gregory
I understand the process you made, but it is unclear to me whether the original workaround I provided was in fact helpful to you.
As of now, we did not receive much feedback about needing a full website lockdown due to the ways you can effectively already achieve something like this, like the one I offered or keeping WebSite X5 out of the loop entirely and lock the website with username and password configured on the hosting
However, if you so wish, I will turn the topic private so that the matter of eventually making this quicker and easier can be kept under consideration
Thank you
Stefano
Autore
Your suggestion as is would not work as there is other information on the home page that I wanted to keep private.
But you got me thinking about a different way to get to what worked. It was just a ton of extra steps. And as I mentioned, heading the footer did not clear the background from the left and right side extensions. So it looks a little funny. But other than looks, it works.
The other thing about the validation email; I have tried five different emails, all with different domains. I always get them going to the junk/spam mail folder. I know you said you use the host email to send the mail out. In my case, the site is hosted by Go Daddy. They are a pretty large organization. Not sure why their email would get rated as spam.
Hello Gregory
I can only advise contacting them directly. As I mentioned, the software isn't in charge of the actual process of sending the email. It merely builds it and provides it to the emailing server to be sent out
Technically, if such mail is being sent to Spam, the emailing server should be aware of the reason for this. Are you using SMTP o the basic PHPMailer? For example, using SMTP is a known way to improve reliability
Get in touch with your hosting about this first and keep me posted here after
Thank you
Stefano
Autore
Good morning Stefano. I am using PHPMailer as it says it in preferred in Website X5. I tried per your suggestion to use SMTP, BUT, I could not make it send the validation email. The program adds a field when I change from PHP to SMTP for an smtp server and I assume that it must be the smtp server of the website host.
They use smtp.office365.com as the smtp server with encryption using StartTLS. Website X5 does not seem to support StartTLS, so I assume this is why the validation email did not send. But, I do not know this for sure. So I changed it back to PHPMailer for now.
Autore
Stefano, I got boith PHPMailer and SMTP to work without having the validation emails end up as spam. For the PHPMailer, the ISP added a text file to my profile that basically says that mail sent from this website is not spam. Don't know how it works, but it does.
And for SMTP, the parameters for smtp server and port are differnt than those used in the smtp server for Outlook365. Effectively, the mail Website X5 creates is relayed on rather than run through their smtp server. They gave me the paramters to make this work. And now it does. See attached .jpg.
Hello Gregory
If I understand correctly, the issue seems fixed by a change of configuration and credentials by the hosting. Is this correct?
In this case, we can assume the situation is solved, or would you like further clarification on any matter specifically?
I remain available here for you, keep me posted if necessary
Thank you
Stefano
Autore
Your assumption is correct. Everything is now working.
Thank you very much for your help. Being new to website building, I had no idea where to start solving this issue. Your counsel pointed me the the right direction. I thank you and very much appreciate your guidance.