Is it possible to disable access to umbraco's backoffice while leaving all the surface and api contorllers working? What would be the correct way to achieve this?
I have 2 copies of the same solution running on the IIS in different websites. One is used as "backend", the other - "frontend". I would like to restrict the access to "frontend"'s /umbraco url aka backoffice.
We are trying to set up something similar in our environments, but the links in this thread are no longer active.
Our particular situation is that we would like to disable access to the back office on our slave servers, but retain their ability to use umbraco/api etc. Ideally we would want to have the /umbraco only url redirect to the master server's /umbraco.
In case anyone is having problems with Umbraco Forms asset files failing to serve when this rule is applied in a split environment, we had to add a "negate condition" to the rule to allow the assets to be served on the public frontend:
Disabling access to umbraco backoffice
Hey all,
Is it possible to disable access to umbraco's backoffice while leaving all the surface and api contorllers working? What would be the correct way to achieve this?
I have 2 copies of the same solution running on the IIS in different websites. One is used as "backend", the other - "frontend". I would like to restrict the access to "frontend"'s /umbraco url aka backoffice.
Umbraco 7.2.6
Hi Vaidas,
Try to check this blogpost out, http://tcmorris.net/blog/custom-domain-for-umbraco/ with this approach the Surface controllers should still work.
Hope this helps and works for you.
/Dennis
Yes as Dennis mentioned about using a rewrite rule is the best way, based on the article this is the rule we currently use:
This works perfect! A little improvement is that the regex for the backoffice can be simplified to:
If there's something else after /umbraco (surface, api, etc.) the rule wouldn't be triggered.
Cheers!
Thanks! It worked.
Hey All,
We are trying to set up something similar in our environments, but the links in this thread are no longer active.
Our particular situation is that we would like to disable access to the back office on our slave servers, but retain their ability to use umbraco/api etc. Ideally we would want to have the /umbraco only url redirect to the master server's /umbraco.
Could we get an update on this topic?
Just been looking into this and found the link above is broken, but this is the page you are looking for.
https://tcmorris.net/blog/custom-domain-for-umbraco
In case anyone is having problems with Umbraco Forms asset files failing to serve when this rule is applied in a split environment, we had to add a "negate condition" to the rule to allow the assets to be served on the public frontend:
I use the regex as ^umbraco(|\/)$. and it will match both "/umbraco" and "umbraco/", but ignore the /umbraco/api
is working on a reply...