Maybe some ‘too simple’ a question … I understand that the repository stack resides on its own page, and when called displays the authentication login. Assuming you don’t want to point every visitor of the website towards this login page, what are your ‘best practices’ to “hide/conceal” the page link to the login page ?
When having open the page inspector / right sidebar, you will have a option to hide the page from navigation.
Not at my Mac right now to send you a screenshot.
Thx, Jannis, for emphasizing this - likely most important - measure (not having the page show up in the navigation).
I wasn’t clear enough in my question, but I was wondering how others place the link to the login page in a not-so-obvious way - maybe in the footer … The idea of reducing the ‘attack-surface’ via ‘security by obscurity’ isn’t substantial - I know - and the built-in security with username/hashed password is sufficient … I was just wondering about, how others have handled it.
I don’t know if I have any good advice for you but … I use Repository for ALL the course websites I create for my students. I make the page very clear and easy to find in the navigation.
But here’s the catch: I’m using Sitelok (which plays very nicely with Repository) to lock down my entire site except to students with the proper username and password. Repository even has a special setting to let it know one is using Sitelok. So in these cases making the Repository page very clear in the navigation is a plus and desirable.
I don’t know how others set up Repository on a non-protected site but my guess is there are a variety of ways to do this.
Good to include this use case in this thread as well, though quite different from using ‘Repository’ as FTP replacement for a private site.
I presume one solution is simply having no visible link to the hidden page, but remembering the page name and directly calling the URL when needed.
Please find a screenshot illustrating the recommended settings to have the ‘repository’ page NOT show in the navigation (see Jannis’ response). To avoid placing a link to the page somewhere, one could simply call the page then directly in the URL, e.g. ‘https://my_site.com/repo.php’ (provided the location of the php file is at root level of the website)
Are you using Repo just for yourself, or is it being used for public file downloads?
Personaly I use Repro as an server side file/image/media organiser. I then Copy the link and keep in my browser under Favourites and open it whenever I need to add/delete or link to something.
I never put a link to it on my site.
Yes, I agree, this seems to be the easiest way to utilize it for the private use case.