Secure Landing page in Adobe Campaign standard

Avatar

Avatar

CampaignUser_60

Avatar

CampaignUser_60

CampaignUser_60

08-08-2017

Trying to create a landing page in ACS which can only be opened by only internal employees(not public).. Any thoughts?

Accepted Solutions (1)

Accepted Solutions (1)

Avatar

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239
florentlb

11-08-2017

Hi again,

I just got confirmation from the product team that this is currently not possible with Campaign Standard. Unlike in v6, Campaign Standard's landing pages are not microsites.

Florent.

Answers (10)

Answers (10)

Avatar

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239
florentlb

11-08-2017

Hi,

Amit's reply is the correct way to proceed if you are using Campaign Classic (v6/v7). For AC Standard, I'm still investigating whether this is possible or not. I'll let you know.

Florent.

Avatar

Avatar

Amit_Kumar

MVP

Avatar

Amit_Kumar

MVP

Amit_Kumar
MVP

10-08-2017

Hi,

To solve your problem, you need to follow Three steps:

1. Configure security zone in your server if it's not configured already:

Server side configurations

2. You need to configure Security zone and add your organization IP address to allowed IP address.

To Add and configure you Ip address in the security zone look and the screen below and  Read this document: https://docs.campaign.adobe.com/doc/AC6.1/en/Technotes/AdobeCampaign_Deliverability_Configuring_Secu...

1276645_pastedImage_1.png

3.Optional step: Add your Campaign users in Access rights to LAN+VPN network no public access and they will be able to access your link.

hope this helps!

Amit

Avatar

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239
florentlb

29-08-2017

Hi Asish,

I'm not sure there's a documented use case for these options. I'll check if there is a plan for it.

If you authorize only identified visitors, only the originial recipients of the email will be able to open it.

Visitor identification via URL parameters can be used if you want to setup a different way for visitors to be identified by the system by passing specific encrypted parameters in the URL. In this case you'd need to encrypt these URL parameters because you obviously cannot have profiles data clearly displayed in a URL. For this case we can assume that when identified on a 3rd party system, like your website, they would find a custom links were you'd use these parameters. They will be used to reconcile the visitor with a Campaign profile when accessing the form.

Hope this helps,

Florent

Avatar

Avatar

CampaignUser_60

Avatar

CampaignUser_60

CampaignUser_60

28-08-2017

Thanks Florent and Amit!

florentlb​,

For 'Authorize unidentified visitor' and ' Can you please share some specific use case that can be achieved with those 2 above features? It will be very interesting to know. I went through the documentation but not clear on use cases.

If I uncheck 'Authorize unidentified visitor' in landing page properties and publish it: Can the landing page link only be opened by the email recipient? what if they forward it? can the other person open it?

Thanks

Asish

Avatar

Avatar

Amit_Kumar

MVP

Avatar

Amit_Kumar

MVP

Amit_Kumar
MVP

20-08-2017

Hi Ashish,

The server-side configuration is used to restrict access to your environment. Just like you want to protect your UAT from public access. This is controlled by security zone+ your firewall change in your environment for the Application server and frontal server.

You have to ask your IT team to Restrict public access to your server Ip with the exception listed in the security zone.

This combination secures your access to your environment.

If you are using Apache server, then you can use access control to limit access.

Access Control - Apache HTTP Server Version 2.2

In the case of production, you restrict access to your application servers but allow frontal servers to the public or allow only certain URL if you are strict about controlling access in production as well. It just Apache rules, you can control what you don't want.

If you are using ACS, it's not possible. Although raise a ticket, and mention this environment is not public so may be they have some provision to retrict this(I am not aware of anything related to this with ACS)

Reagrds,

Amit

Avatar

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239
florentlb

18-08-2017

Hi Asish,

For v6, I'm not an expert about microsites but you should find some hints in this section: Creating a microsite

Let me know,

Florent

Avatar

Avatar

asish_kumarp599

Avatar

asish_kumarp599

asish_kumarp599

11-08-2017

Thanks Florent for confirming it is not possible in ACS! Any thoughts on work arounds ? I am still not clear how this can be achieved in AC6 on landing page level through security zones.  Please see my comments to Amit in my previous post.

Avatar

Avatar

asish_kumarp599

Avatar

asish_kumarp599

asish_kumarp599

11-08-2017

@Amit Thanks for your response! I guess the server side configuration will make any Landing page created from the environment secure for campaign users? Please correct me if I am missing something here. My requirement is to make it secure on the landing page level for the group of email recipients(not necessarily campaign users). Can the above security zone be applied on landing page level?

Avatar

Avatar

CampaignUser_60

Avatar

CampaignUser_60

CampaignUser_60

10-08-2017

Hi Florent,

Appreciate your response on this.

Here is the specific use case. Will send the email campaign to internal employees of an organization. The email will have a link for landing page. These links can only be accessible to employees of the organization and not to outside visitors. Meaning if some one forwards that email to somebody else who is not an employee, he will not be able to open it. We are thinking of doing SSO integration for these landing pages. Wondering if there is any OOTB solution from ACS for this? I have tried using Authorize unidentified visitor and but it seems not working per my requirement. Can you please share specific use case that can be achieved with those 2 above features? It will very interesting to know.

Avatar

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239

Avatar

florentlb

Total Posts

1.1K

Likes

233

Correct Answer

239
florentlb

09-08-2017

Hi Asish,

Can you share more details about your use case here? You have several options in the landing page properties that allow you to restrict access to the landing page, such as "Authorize unidentified visitors".

OOTB landing pages are designed to be viewed and accessed by profiles (or website visitors).

In your case, the requirements seem even more specific so I will double check with the team, but with the information that I have right now, I'm not sure that there is a way to do that.

I'll send more information as soon as I can.

Let me know if you find something in the meantime.

Florent.