Loading...
 
Page actions
PDF Print
Tiki Reference Guide  »  Security  »  Site Access

Security Site Access tab

Related Topics
Overview
Use this tab to configure how Tiki handles the security relating to site access.
To Access
From the Security Admin page, click the Site Access tab.



Option Description Default
Close site Use this setting to \"close\" the Tiki site (such as for maintenance). Users attempting to access the site will see only a log-in form. Only users with specific permission will be allowed to log in. Use the Message to display to specify the message that visitors will see when attempting to access your site. Disabled
Message Site is closed for maintena...
Close site when server load is above the threshold Use this option to "close" the Tiki site when the server load exceeds a specific threshold. Only users with specific permission will be allowed to log in. Use "Maximum average server load threshold in the last minute" to define the maximum server load. Use the "Message to display" to specify the message that visitors will see when attempting to access the site. Disabled
Maximum average server load threshold in the last minute 3
Message Server is currently too bus...
Enable intrusion detection system An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Disabled
Custom rules file temp/ids_custom_rules.json
Intrusion detection system mode Define IDS operation mode, log only, or log and block with impact over a given threshold.
Log only | Log and block requests		 Log only
Intrusion detection system threshold Define IDS threshold, when configured in "Log and block requests" more. 0
Log to file ids.log
Log to database Disabled
Option Description Default
Close site Use this setting to "close" the Tiki site (such as for maintenance). Users attempting to access the site will see only a log-in form. Only users with specific permission will be allowed to log in. Use the Message to display to specify the message that visitors will see when attempting to access your site. Disabled
Message Site is closed for maintena...
Close site when server load is above the threshold Use this option to "close" the Tiki site when the server load exceeds a specific threshold. Only users with specific permission will be allowed to log in. Use "Maximum average server load threshold in the last minute" to define the maximum server load. Use the "Message to display" to specify the message that visitors will see when attempting to access your site. Disabled
Maximum average server load threshold in the last minute 3
Message Server is currently too bus...
Enable intrusion detection system An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Disabled
Custom rules file temp/ids_custom_rules.json
Intrusion detection system mode Define IDS operation mode, log only, or log and block with impact over a given threshold.
Log only | Log and block requests		 Log only
Intrusion detection system threshold Define IDS threshold, when configured in "Log and block requests" more. 0
Log to file ids.log
Log to database Disabled
Option Description Default
Close site Use this setting to “close” your Tiki (such as for maintenance). Users attempting to access your site will see only a login box. Only users with specific permission will be allowed to log in. Use the Message to display to specify the message that visitors will see when attempting to access your site. Disabled
Message Site is closed for maintena...
Close site when server load is above the threshold Use this option to “close” your Tiki when the server load exceeds a specific threshold. Only users with specific permission will be allowed to log in. Use Maximum average server load threshold in the last minute to define the maximum server load. Use the Message to display to specify the message that visitors will see when attempting to access your site. Disabled
Maximum average server load threshold in the last minute 3
Message Server is currently too bus...
Enable intrusion detection system An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Disabled
Log to file ids.log
Log to database Disabled
HTTP header x-frame options The x-frame-options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> Disabled
Header value DENY | SAMEORIGIN DENY
HTTP header x-xss-protection The x-xss-protection header is designed to enable the cross-site scripting (XSS) filter built into modern web browsers Disabled
Header value 0 | 1 | 1;mode=block 1;mode=block
HTTP header x-content-type-options The x-content-type-options header is a marker used by the server to indicate that the MIME types advertised in the Content-Type headers should not be changed and be followed. Disabled
HTTP header content-security-policy The Content-Security-Policy header allows web site administrators to control resources the user agent is allowed to load for a given page. Disabled
Header value None
HTTP header strict-transport-security The Strict-Transport-Security header (often abbreviated as HSTS) is a security feature that lets a web site tell browsers that it should only be communicated with using HTTPS, instead of using HTTP. Disabled
Header value None
HTTP header public-key-pins The public-key-pins header associates a specific cryptographic public key with a certain web server to decrease the risk of MITM attacks with forged certificates. If one or several keys are pinned and none of them are used by the server, the browser will not accept the response as legitimate, and will not display it. Disabled
Header value None
Option Description Default
Close site Close the site (except for those with access permission) Disabled
Message to display Message to display Site is closed for maintena...
Close site when server load is above the threshold Close the site when the server load is above the threshold (except for users with closed-site access permission) Disabled
Maximum average server load threshold in the last minute Maximum average server load threshold in the last minute 3
Message to display Message to display Server is currently too bus...
HTTP Header X-Frame Options The X-Frame-Options HTTP response header can be used to indicate whether or not a browser should be allowed to render a page in a <frame>, <iframe> or <object> Disabled
Header Value DENY | SAMEORIGIN DENY
HTTP Header X-XSS-Protection The x-xss-protection header is designed to enable the cross-site scripting (XSS) filter built into modern web browsers Disabled
Header Value 0 | 1 | 1;mode=block 1;mode=block
Option Description Default
Close site Close the site (except for those with access permission) Disabled
Message to display Message to display Site is closed for maintena...
Close site when server load is above the threshold Close the site when the server load is above the threshold (except for users with closed-site access permission) Disabled
Maximum average server load threshold in the last minute Maximum average server load threshold in the last minute 3
Message to display Message to display Server is currently too bus...
Option Description Default
Close site (except for those with permission) Close site (except for those with permission) Disabled
Message to display Message to display Site is closed for maintena...
Close site when server load is above the threshold (except for those with permission) Close site when server load is above the threshold (except for those with permission) Disabled
Maximum average server load threshold in the last minute Maximum average server load threshold in the last minute 3
Message to display Message to display Server is currently too bus...
Option Description Default
Close site (except for those with permission) Close site (except for those with permission) Disabled
Message to display Message to display Site is closed for maintena...
Close site when server load is above the threshold (except for those with permission) Close site when server load is above the threshold (except for those with permission) Disabled
Maximum average server load threshold in the last minute Maximum average server load threshold in the last minute 3
Message to display Message to display Server is currently too bus...
Option Description Default
Close site (except for those with permission) Close site (except for those with permission) Disabled
Message to display Message to display Site is closed for maintena...
Close site when server load is above the threshold (except for those with permission) Close site when server load is above the threshold (except for those with permission) Disabled
Maximum average server load threshold in the last minute Maximum average server load threshold in the last minute 3
Message to display Message to display Server is currently too bus...


Close site

Activated with the "Close site when server load is above the threshold" or "Close Site" prefrences. The site will be closed but allow groups with tiki_p_access_closed_site permission to log in.

The page displayed when the site is closed is generated from a template HTML file called templates/styles/site_closed.html. If you want to customise this, it is recommended you make a copy of it called site_closed_local.html and edit that. This will be used in preference to the standard one if found.

The following "tags" will be replaced in the HTML:

{title}
Page title and H1 tags
{error}
Text displayed under the title heading
{login}
The login form
{back}
A bowser back button (probably will be removed)

Alias: Site Closed
Alias: Close Site

Page last modified on Thursday 07 September, 2017 03:57:49 GMT-0000
History Source Comments

doc.tiki.org

Bootstrap AdminGuide UserGuide

Keywords

Keywords serve as "hubs" for navigation within the Tiki documentation. They correspond to development keywords (bug reports and feature requests):

Accessibility (WAI and 508)
Accounting
Articles and Submissions
Backlinks
Banners
Batch
BigBlueButton audio/video/chat/screensharing
Blog
Bookmark
Browser Compatibility
Link Cache
Calendar
Category
Chat
Clean URLs
Comments
Communication Center
Compression (gzip)
Contacts (Address Book)
Contact us
Content Templates
Contribution
Cookie
Copyright
Credit
Custom Home and Group Home Page
Date and Time
Debugger Console
Directory of hyperlinks
Documentation link from Tiki to doc.tiki.org (Help System)
Docs
Draw
Dynamic Content
Dynamic Variable
External Authentication
FAQ
Featured links
File Gallery
Forum
Friendship Network (Community)
Gmap Google maps
Groups
Hotword
HTML Page
i18n (Multilingual, l10n, Babelfish)
Image Gallery
Import-Export
Install
Integrator
Interoperability
Inter-User Messages
InterTiki
Kaltura video management
Karma
Live Support
Login
Logs (system & action)
Look and Feel
Lost edit protection
Mail-in
Map with Mapserver
Menu
Meta Tags
Mobile Tiki and Voice Tiki
Mods
Module
MultiTiki
MyTiki
Newsletter
Notepad
Payment
Performance Speed / Load
Permissions
Platform independence (Linux-Apache, Windows/IIS, Mac, BSD)
Polls
Profiles
Profile Manager
Report
Toolbar
Quiz
Rating
Feeds
Score
Search engine optimization
Search
Search and Replace
Security
Semantic links
Shadowbox
Shadow Layers
Share
Shopping cart
Shoutbox
Slideshow
Smiley
Social Networks
Spam protection (Anti-bot CATPCHA)
Spellcheck
Spreadsheet
Stats
Surveys
Tags
Task
Tell a Friend, alert + Social Bookmarking
TikiTests
Theme CSS & Smarty
Trackers
Transitions
TRIM
User Administration including registration and banning
User Files
User Menu
Watch
WebDAV
Webmail
Web Services
Wiki History, page rename, etc
Wiki Plugin extends basic syntax
Wiki Syntax
Wiki structure (book and table of content)
Workspace
WSOD
WYSIWYCA
WYSIWYG
XMLRPC

Tiki Newsletter

Delivered fresh to your email inbox!
Newsletter subscribe icon
Don't miss major announcements and other news!
Contribute to Tiki
Show PHP error messages