Password Protected Pages


#1

I’m getting my sites set up and ran into something on one of my sites. This site has a login area for their employees to access with username/password. I have the pages protected via .htaccess so that no one can directly access the page. The login is handled via PHP and sessions.

When I added the pages to the editor and click to view the page it gives me the warning that I must define an editable region. There are indeed editable regions on the page. I’m sure this has something to do with the password protection on the page.

The service I’m transferring from had a method for adding login credentials for password protected pages. I couldn’t find anything in the docs or forum for Surreal. Is there a way to handle this?


#2

This isn’t built into Surreal, but you can work around HTTP Authentication by following this tutorial.

You’re basically going to whitelist our IP address. Here’s a sample config from the tutorial:

AuthType Basic
AuthName "Please enter your password"
AuthUserFile /path/to/.htpasswd

Require valid-user
Order deny,allow
Deny from all

# Surreal CMS
Allow from 45.55.90.199

Satisfy Any

#3

Boom! Genius! That worked.


#4

Newbie question here… what text am I replacing in the code you supplied? Do I just need the path to password replaced? Does all of this code replace all my htaccess text or do I just add to the htaccess file?


#5

You need to generate and upload an .htpasswd file first (this tool might help but I haven’t used it before), then grab the full path (from the root of the server) and add that to the AuthUserFile line :slight_smile:


#6

Thanks, that worked!