My customer is in development mode and they are using https://CUSTOMER.test.litium.site/.
It is currently totally open to the outside world, which is a problem.
How do you normally protect a Litium web site in development? By a simple PIN or full login? Is there a standard? Anything built in?
Litium version: 8
you can to some extent use litiums build in permissions to say the you need to be part of a group to view a specific page. login page need to be open to anyone in that case.
We have used the same thing that Jonas Kastebo above says, we’ve locked down all pages so they require a group permission.
Do note: if you set permissions on startpage, and select that all subpages should have same permissions, you will break order confirmation emails or other emails. Litium calls iteself to get html email content, those pages can not be locked down 
You might also run in to this: if you have a search field in the header, you will still be able to search for products for example, if you don’t have permissions set on those, or disable the search if user is not logged in etc…
This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.