I am looking for ways to make some of the posts on my blog visible only to myself but can't seem to this in Hugo.
Is there any way around this such as setting a password for certain posts?
Or is the feature supported but I just haven't found it?
Since Hugo just generates the static HTML, the question can be widened to: how to password-protect any static content on the web server.
That's doable.
It depends what is your web server using: Apache or Nginx or something else.
In Apache case, set up password authentication via .htaccess. See tutorials like this.
In Nginx case, set up password on your server block section, see tutorials like this.
For other server (IIS?), google accordingly.
Some people will want to downgrade this question, but in my opinion it's very valid, for example, if you want to post portfolios, CV's and whatnot on your personal website and limit public access
Make a landing page on Hugo site, password-protect the URL and give visitors the password. Easy, fast and still static!
My way to keep posts private is to set the draft flag in the front matter:
TOML
draft: "true"
A good practise for me is to connect a local instance of Hugo with GitLab/GitHub. If you want to see your website or a specific post as a rendered version you can turn on and off the visibility of pages using the draft flag with true and false.
If you have finished your tests you can push the final version with or without the draft flag active to the repo and sync it with your server side installation of Hugo.
Posts are displayed in multiple places (RSS feeds, search results, sitemap etc.).
Here is an article with an updated checklist and a solution to publish hidden posts with Hugo
Installation
git clone --recurse-submodules git#github.com:RoneoOrg/hugo-offtherecord-demo.git
cd hugo-offtherecord-demo
hugo serve
Usage
Set offTheRecord to true in the Front Matter of the posts you want to hide. That’s all!
See the source for details
Related
I have a Github project, github.com/jeti/matrix, and I set up a "Github pages" site for the project so that it is accessible here jeti.github.io/matrix/.
That is all configurable through Github.
Now, I would like to add a subdomain of my personal website so that the website is accessible via the subdomain matrix.jeti.io of my website jeti.io.
I am just really confused how to do that because the documentation don't seem to show how to redirect a project page to a subdomain. I have tried a few permutations of what I think should be the correct inputs, but because these DNS changes take so long to propagate, it is really hard to test.
Specifically, I would like to know what value to enter into Github as the Custom domain (it seems to me that this should simply be the subdomain matrix.jeti.io, but I am not sure, so I have left this blank):
Then I also need to create the subdomain. I bought the domain through OVH, and they provide a few options for adding a DNS entry:
My understanding is that I need to add 2 apex records. I did that already:
What is unclear to me is whether I also need to add a CNAME entry. This is what the form looks like when I try to add a CNAME entry:
So in recap:
I did not specify the Custom Domain on the Github site.
I created the 2 apex records shown above.
I did not create a CNAME entry.
Please tell me which of these steps needs to be changed and how to modify it.
After more trial and error, the answer seems to be
The Github custom domain should indeed be matrix.jeti.io
I did not need the apex records. In fact, Github emailed me discouraging it. So I deleted the apex records.
In OVH, I added a DNS CNAME entry like this:
The thing that was confusing me is that I thought that the CNAME entry needed to have a link to the original Github pages WITH the project name jeti.github.io/matrix. That was wrong. The target is simply jeti.github.io. (Note the period on the end).
I am developing my blog in Jekyll (3.0.0 beta), currently on localhost,
When i am trying to implement the pretty permalink and i try to visit a post it shows a WEBrick error.
If i apply the /:year/:month/:day/:title.html it works fine do you have a clue why isn't it working with pretty permalinks?
This is the error I get:
/2015/08/03/are-permas-working.html' not found. WEBrick/1.3.1 (Ruby/2.1.6/2015-04-13) at localhost:4000
Once you set Jekyll permalinks to pretty in _config.yml like so:
permalink : pretty
... and restart your WEBrick server (a restart of the server instance using jekyll serve or bundle exec jekyll serve [if following GitHub] is needed for the new values to take effect, your permalinks will no longer be in the format of YYYY/MM/DD/title-slug.html since they are now "pretty". The new format for your links will be /:categories/:year/:month/:day/:title/. This is in accordance to the format determined by the pretty variable as defined here in the documentation.
What this means for you is that your original link for the 'Are permas working' post is no longer at localhost:4000/2015/08/03/are-permas-working.html, rather they are now at localhost:4000/2015/08/03/are-permas-working/ since you don't have a category defined.
You're experiencing this error because after you've made the change and restarted your server you most likely did not navigate to the post from your homepage (which will have that new link to point to the post), rather you just refreshed the page on your browser, which will throw a 404 since the page is no longer there.
Bonus, Jekyll makes posts pretty by creating folders 2015 -> 08 -> 03, and then a folder for that specific post, with an index.html inside it.
Also, if you wanted "pretty-fied" links that don't have the dates there, you'll need to manually specify that using this:
permalink: "/:categories/:title"
This ensure will hide the .html extension and also get rid of date values.
EDIT: From the comments I stated that using /:title for permalinks might not work since there are conflicts with non-post pages, I stand corrected. If you wanted short permalinks like user.github.io/title-of-blog-post/ you would just need to set permalink : /:title and you're good to go. However, if you have non-post pages such as an about page, a credits page, you should explicitly set permalinks on those pages to be /about and /credits on the YAML frontmatter to avoid the edge case of also having a blog post with the title about and accidentally overwriting the non-post page.
I have a legacy site that uses shtml pages. I have a project to add dynamic functionality to this site -- an MVC app where the user uploads files and the controller generates an email.
For legacy reasons, I am not able to rewrite the site. I also do not have web admin access to the site; I can only work with files in my area. The path I have to work with is //host/foo/bar/baz.
According to this Stack Overflow question, I ought to be able to make a link in the originating static page within the directory baz as link text. I tried that, and after fixing up issues with the app's web.config file, I got a 404 error. This does make sense now that I think about it, as there is no directory in baz called Controller -- only bin, Views, and the like. The physical path not found is foo/bar/baz/Controller/Action.
There are plenty of articles and Stack Overflow questions about adding a static page to an MVC app, but I have found nothing discussing the other direction.
How do I link from the static HTML page to the MVC action?
(I may have follow-on questions as I try to get the app to run.)
Edited to add:
I tried moving the MVC app code to the top level of the web site (in my development environment). When I used the link this time, I encountered a configuration error in my IoC file, with mismatched versions of Entity Framework. This approach might be promising, and it also might encounter permissions issues in the operational environment.
Also, I do not have write permissions to the root level of the web server's documents area, only my subdirectory area.
link text
Try with "/" before controller
I am building my personal website using Jekyll and hosting it at github-pages. I would like to have a password protected area (just password protected directory, not the whole website). I have tried a few options and tricks to get htaccess to work but failed.
I would like to know if someone managed to use htaccess, or any other method, to protect a directory on github-pages.
Listing solutions which did not work for me (or I failed to get them to work):
*Flohei.
*Jeremy Ricketts.
GitHubPages (like Bitbucket Pages and GitLab Pages) only serve static pages, so the only solution is something client side (Javascript).
A solution could be, instead of using real authentication, just to share only a secret (password) with all the authorized persons and implement one of the following scheme:
put all the private files in a (not listed) subdirectory and name that with the hash of the chosen password. The index page asks you (with Javascript) for the password and build the correct start link calculating the hash.
See for example: https://github.com/matteobrusa/Password-protection-for-static-pages
PRO:
Very simple approach protecting a whole subdirectory tree
CONS:
possible attack: sniffing the following requests to obtain the name of the subdirectory
the admins on the hosting site have access to the full contents
crypt the page with password and decrypt on the fly with javascript
see for example: https://github.com/robinmoisson/staticrypt
PRO: no plaintext page code around (decrypting happens on the client side)
CONS:
just a single page, and need to reinsert the password on every refresh
an admin could change your Javascript code to obtain the password when you insert it
One option is to use Cloudflare Access to control access at the DNS level.
After setting up a custom domain for your Git pages using Cloudflare for DNS, you can use their Access rules policy to require authentication at the specified url path.
This could still be bypassed if someone is familiar with bypassing DNS blocks.
https://www.cloudflare.com/products/cloudflare-access/
You can give a try to Jekyll Auth and if you run into troubles, this issue can be useful.
You can use Render to deploy your static Web app. It has a npm package that encrypted your html files and user can not see it in browser. So you can use frontend password validation.
I was wondering what's the best way to switch a website to a temporary "under costruction" page and switch it back to the new version.
For example, in a website, my customer decided to switch from Joomla to Drupal and I had to create a subfolder for the new CMS, and then move all the content to the root folder.
1) Moving all the content back to the root folder always create some problems with file permissions, links, etc...
2) Creating a rewrite rule in .htaccess or forward with php is not a solution because another url is shown including the top folder.
3) Many host services do not allow to change the root directory, so this is not an option since I don't have access to apache config file.
Thanks
Update: I can maybe forward only the domain (i.e. www.example.com) and leave the ip on the root folder (i.e. 123.24.214.22), so the access is finally different for me and other people? Can I do this in .htaccess file ?
One thing to consider is you don't want search engines to cache your under construction page - and you also don't want them to drop your homepage from the search index either (Hence just adding a "noindex" meta tag isn't the perfect solution).
A good way to deal with this is do a 302 redirect (temporarily moved) from your homepage to your under construction page - that way the search engine does not cache your homepage as an under construction page, does not index your under construction page (assuming it has a NOINDEX meta tag), and does not drop your homepage from the search index either.
One way would be the use of an include on your template page.
When you want the construction page to show, you set a redirect in the include to take all traffic to the construction page.
When you are done your remove the redirect.
What about hijacking your index.php file?
Something simple, along the lines of
<?php
if (SITE_OFFLINE)
include 'under_construction.html';
else
//normal content of your index page
?>
where you would naturally define SITE_OFFLINE in an appropriate place for your needs.
What I did when I used PHP for websites was to configure Apache to direct all requests to a front controller. You then would have full access to all requests no matter where they are pointing to. Then in your front controller (PHP file, static html file, etc.), you would do whatever you need to do there.
I believe you need to configure pathinfo in Apache and some other settings, it has been about 3 years since I have used that approach. But, this approach is also good for developing your own CMS or application so that you have full control over security.
You have to do something similar to this:
http://www.phpwact.org/pattern/front_controller
I am looking for more details, I know my configuration had more to it than that.
This is part of what I'm looking for too:
http://httpd.apache.org/docs/2.0/mod/core.html
Enabling path_info passes path information to the script, so all requests now go through a single point of entry. Let me find my configuration, I know vaguely how this works, but I'm sure it looks like a lot of hand waving.
Also, keep in mind that because all requests are going through this single PHP file, you are responsible for serving images, JavaScript, CSS, etc. So, if a requests is coming in for /css/default.css, that will go through your php script (index.php, most likely), then you'll need to determine how to handle the request. Serving static files is trivial, but it is a little more work.
If you don't want to go that route, you could possibly do something with mod_rewrite so that it only looks for .html, .htm pages or however you have your site configured. For me, I don't do extensions, so that made my regex a little more difficult. I also wanted to secure access to all files. The path_info was the solution for me, but if you don't need that granularity, then writing a front controller might be a bit too much work.
Walter