What is Site Wide Protection


The Site-Wide Protection setting in your VedaCMS allows you to password protect your entire website using either a simple passcode shared by all users or a full member login form (each member has their own account).


How it works:


When site-wide protection is enabled, a universal login page is automatically generated & displayed to visitors that aren't logged in.  This login page will appear no matter which page of your site they enter on, as long as it's a page or content area managed by VedaCMS. 


Choose between two login methods.


You can choose between having visitors login with a full member account (which requires adding them first to the built-in membership system in VedaCMS) or just set the login page to use a single passcode that is the same for everyone & used to enter the site.

Which option to go with depends on the level of security you need. Although both methods prevent public access to your website, they are vastly different in terms of capabilities & ease of use. More details about each method & pros/cons of each are outlined below.


Option 1: Single passcode login


Allows users to enter the website using a single password you have set within the 'Settings > Member Settings' of VedaCMS. To grant access, simply share the passcode with whoever you want to give access to.  However, be sure to review the pro/con info below, as this method only provides very basic protection and has much more limited capabilities.

Pros:



  • Easiest & most basic method of restricting website access

  • Less complicated than full membership system

  • Very little (if any) learning curve required

  • Provides faster website login (1 field only)

  • Only one password to remember

  • Requires less time to maintain and manage than full membership system


Cons:



  • Less secure and fewer features than full membership system

  • Logins are not captured, logged or stored in anyways. No way to detect abuse.

  • Password can be easily shared with someone you haven't authorized

  • No user management  or built in tool to keep track of who you've given access to

  • Password changes prevent existing users being able login unless they're notified of new info

  • Only always website entry. Doesn't give access to anything you've locked or set as 'member only' in VedaCMS.


Use this option if:



  • You just want the most basic protection option that prevents public access to your website.

  • You don't need logs that show login history, failed login attempts or any other info about logins

  • You don't need to keep track of individual users you've given access to


Option 2: Full Member Account Login


Users must be added to the 'Members' area of VedaCMS and will login to the site using their member email address and whatever password was randomly generated (and sent) to them when their account was created or approved.

Note: Admins use different login logic
You (and any admins you've added) will need to login to your website using the email & password associated with your VedaCMS admin account. If you're not sure which email is associated, click the 'Account' link in the top right corner of VedaCMS . DO NOT create a member account for yourself that uses the same email address as your admin account, as it will create login conflicts.

Pros:



  • Ability to manage members & track individual logins
    (list of current members, ability to add/edit/delete members and view their login history)

  • All login activity (both failed & successful) is captured and logged
    (date/time, member & ip address)

  • Private mailing list automatically generated in the 'mailing list' area for sending out bulk messages to members.

  • View/access list of recent successful logins (date, ip address & member email)

  • View/access list of failed login attempts (date, ip address & submitted data)

  • Allows accessing any content set as 'member only' or locked within VedaCMS.

  • Option to use built-in request form for a semi-automated membership requests

  • If using built in member request form, easier access & processing of member requests from 'Pending Members' queue.

  • Customize auto-response sent when pending membership is approved or denied

  • Ability to allow auto-approved memberships for trusted friends by using a special invitation code on request form.


Cons:



  • A more complicated system that will require time to learn & get familiar with

  • Requires more time to maintain and manage members

  • Involves more tools/options in VedaCMS that may be intimidating for notice users.

  • Users have to be added to the 'Members' area of VedaCMS before a login is created for them, so the process of granting access can take longer than using a simple passcode.





Customizing the login page


The built-in login page allows for the following changes from within VedaCMS:



  • Custom content above login field(s)
    To make changes, click the edit icon next to 'Universal Login Page' found within the 'Pages' area of VedaCMS.

  • Colors for page background, text & links
    Can be set for the page by going to 'Settings > Member Settings > Site Wide Protection' and using the color picker tool for each option shown next to the 'Universal Login Page' field
    (note: color options & fields do not display if 'Full Site Protection' is set to 'Disabled').


Note:
The way in which the login page is currently implemented does NOT allow for changes to be made easily on the layout or base design. The only way it can be done right now is to customize or override core VedaCMS scripts. stomized by going to the 'Pages' area of VedaCMS and clicking the edit icon next to the entry that reads "Universal Login Page". The process requires more time than what's typical for a landing page design because of how the changes need to be made.