Expand my Community achievements bar.

Guidelines for the Responsible Use of Generative AI in the Experience Cloud Community.
SOLVED

Restrict AEM website acccess with a login popup

Avatar

Level 4

Hi all,

 

we are migrating website from AEM 6.5 to AEMaaCS and want our Dev and stage websites to be protected by a login popup to prevent them from being crawled by bots.

Can anyone suggest a way to do that.

 

Thanks,

Pardeep

Topics

Topics help categorize Community content and increase your ability to discover relevant content.

1 Accepted Solution

Avatar

Correct answer by
Community Advisor
6 Replies

Avatar

Community Advisor

Hi @pardeepg4829047 ,

To restrict access to your AEM website with a login popup, you can use AEM's built-in authentication and authorization features. Here are the high-level steps to achieve this:

1. Create a custom login page: You can create a custom login page that will be displayed when a user tries to access the website. This page can include a login form where users can enter their credentials to access the website.

2. Configure authentication: You can configure AEM's authentication handler to use your custom login page. This will ensure that users are redirected to your login page when they try to access the website.

3. Configure authorization: You can configure AEM's authorization settings to restrict access to the website. This can be done by creating a new user group and adding the users who should have access to the website to this group. You can then configure the website's permissions to only allow access to this user group.

Here are some more detailed steps to achieve this:

1. Create a custom login page:
- Create a new page in AEM that will serve as your custom login page.
- Add a login form to this page where users can enter their credentials.
- You can use AEM's built-in login components to create the login form.

2. Configure authentication:
- Open the AEM Web Console and navigate to the "Apache Sling Authentication Service" configuration.
- Set the "Login Page" property to the path of your custom login page.
- Save the configuration.

3. Configure authorization:
- Create a new user group in AEM that will have access to the website.
- Add the users who should have access to the website to this group.
- Navigate to the website's permissions settings and configure them to only allow access to the user group you created.

Once these steps are completed, users will be redirected to your custom login page when they try to access the website. They will need to enter their credentials to access the website. Bots and unauthorized users will not be able to access the website.

Avatar

Community Advisor

Hi @pardeepg4829047 
You can disable crawling using robot.txt.

https://www.anura.io/fraud-tidbits/how-to-stop-bots-from-crawling-my-website 

 

you can add basic authentication directly on apache or CDN.



Arun Patidar

Avatar

Level 4

Hi Arun,

 

Since we are using common vhost file for dev, stage and prod by using ServerAlias as *.domain.com - is there a way to apply basic authentication to only dev and stage and exclude production.

Also, can we do this through the pipeline only in AEMaaCS as we dont have seperate dispatcher running on Apache.

Avatar

Correct answer by
Community Advisor

Avatar

Level 4

If anyone has reference examples of how to implement this in AEMaaCS step-by-step, please share the same. 

Avatar

Administrator

@pardeepg4829047 Did you find the suggestions from users helpful? Please let us know if you require more information. Otherwise, please mark the answer as correct for posterity. If you've discovered a solution yourself, we would appreciate it if you could share it with the community. Thank you!



Kautuk Sahni