I would appreciate sipmle behaviour rule my site responds to those not logged-in:
Redirect them to sign-in page no matter what subdirectory (subdomain) they request.
Even if you google siteurl + username, you should't have displayed a table of names and avatars - but starting page. Even if I have custom html page it should not be accessible until logged in.
Standard oxwall rule management does not deliver it.
Any suggestions?
We build. You grow.
Get best community software hereStart a social network, a fan-site, an education project with oxwall - free opensource community software
Need to redirect all guest back to the sign-in page. | Forum
Team
Darek
Jul 3 '14
Ross,
Thank you,
I will surely try to implement it over coming weekend. It looks like the
solution would secure single html page we have attached do oxwall structure, which is of course good starting point. I
just thought oxwall has certain mechanism that reacts to guest requests anyway,
so I hoped “the umbrella” is already in, but leaking.
It is for me hard to accept you can open
say “url-site-name/users/latest?&page=20” and then browse through
all avatars and usernames. This makes serious privacy issue.
I will surely analyze what good I can make out of suggested code. Still hope
however, some brilliant idea emerges here. If you think for a while on my
request (to hide everything below “url-site-name/…”
until logged in) it should not be that challenging. Some combination of cookie
/ .htaccess technology perhaps? I’m not advanced enough to know straight away, so dare to ask.
Team