Controlling access to Umbraco cloud web sites during initial development/launch periods
This is a two-fold question:
The Dev site is protected behind a basic authentication login, how can we give some of our users access to the "front-end" of the Dev site without having to pay the €5/month extra for each person? These people don't need access to the back office, they are some of our own "end users" and stake holders which will participate in design, testing, etc.
The Live site is not protected behind a login. How can we block public access to the live site during development and final testing while allowing access to ourselves and our testers?
Try to add IP address of your user to Umbraco Cloud whitelist. You can whitelist IP's under Settings > Manage IP Whitelist on your project.
It's a good question. Idea is that you are testing on dev, live site is live :)
You can add some logic that will block not needed users to all pages of course but that it's not the perfect solution.
If it was only one user, then yes whitelisting would work. But in these modern times, people tend to travel, work from home, etc. so I'm looking for another solution.
We're definitely testing on Dev, but at some point we also need to do final testing on Live, due to "too many moving parts" in the deployment process. Also, it's nice to be able to show our stake holders what the final site will look like, including the real domain name and url's.
I'm curious what other Umbraco Cloud users are doing. Maybe I'm missing something?
An approach I've used in the past for this exact scenario is to set the environment marker in LIVE to development which then triggers the basic authentication for the LIVE environment. One thing this will not do is get around the 5 EUR per user monthly cost however. As far as I know, if you are using a Cloud Basic Plan that is a requirement. You can easily remove the users once your deployment phase is complete.
Here are the steps:
Access the LIVE environment's Kudu console
(https://<tors-site>.scm.s1.umbraco.io/DebugConsole)
Navigate to /site/environment/
Add an empty file named development and remove the one named live
Restart your LIVE site from the Cloud Portal
When you are ready to open access to all traffic, switch the marker files, restart, and you should be good to go.
NB: You might consider asking the Cloud Support team this question directly as they may have a more elegant solution.
I implemented Paul's work around shortly after his message was posted and it was working perfectly. But yesterday I noticed that the site again was open to the public 😱. This is not good for us, we definitely do not want some people/companies to see our site before we are ready to go live.
I've tried toggling the environment markers back and forth and restarting the env, but the live site seems to insist on being open to the public regardless.
I wish the Umbraco cloud team could assist here (I will also contact them through the cloud portal).
Controlling access to Umbraco cloud web sites during initial development/launch periods
This is a two-fold question:
The Dev site is protected behind a basic authentication login, how can we give some of our users access to the "front-end" of the Dev site without having to pay the €5/month extra for each person? These people don't need access to the back office, they are some of our own "end users" and stake holders which will participate in design, testing, etc.
The Live site is not protected behind a login. How can we block public access to the live site during development and final testing while allowing access to ourselves and our testers?
Hi Tor
Alex
Hi Alex,
If it was only one user, then yes whitelisting would work. But in these modern times, people tend to travel, work from home, etc. so I'm looking for another solution.
We're definitely testing on Dev, but at some point we also need to do final testing on Live, due to "too many moving parts" in the deployment process. Also, it's nice to be able to show our stake holders what the final site will look like, including the real domain name and url's.
I'm curious what other Umbraco Cloud users are doing. Maybe I'm missing something?
-Tor
Hi Tor -
An approach I've used in the past for this exact scenario is to set the environment marker in LIVE to
developmentwhich then triggers the basic authentication for the LIVE environment. One thing this will not do is get around the 5 EUR per user monthly cost however. As far as I know, if you are using a Cloud Basic Plan that is a requirement. You can easily remove the users once your deployment phase is complete.Here are the steps:
(https://
<tors-site>.scm.s1.umbraco.io/DebugConsole)Navigate to /site/environment/
Add an empty file named
developmentand remove the one namedliveWhen you are ready to open access to all traffic, switch the marker files, restart, and you should be good to go.
NB: You might consider asking the Cloud Support team this question directly as they may have a more elegant solution.
-Paul
Thanks Paul! This is helpful.
I'm in touch with Umbraco support (waiting for feedback, apparently it's evening in Europe now :-)), and they know of this thread...
-Tor
I implemented Paul's work around shortly after his message was posted and it was working perfectly. But yesterday I noticed that the site again was open to the public 😱. This is not good for us, we definitely do not want some people/companies to see our site before we are ready to go live.
I've tried toggling the environment markers back and forth and restarting the env, but the live site seems to insist on being open to the public regardless.
I wish the Umbraco cloud team could assist here (I will also contact them through the cloud portal).
-Tor
is working on a reply...