Topics Map > Permissions
WiscWeb - Options for protecting pages
- Offering Comparison
- Native WordPress Password Protection
- NetID Page Protection
- Publishing to Private
- Non-Indexed Site
- KnowledgeBase Pages
- UW Box for Media (Example: PDF files)
The following chart breaks down the various options available to you and the situations to which they are best suited.
|Offers Protection at the Root
|Offers Individual Page Protection
|Offers Protection for Media
|Offers Protection for Select List of NetIDs
|Offers Protection for Entire UW-Madison Network
|Native WordPress Password Protection
|NetID Page Protection
|Publishing to Private
See Important considerations before proceeding.
WiscWeb now offers an option to password protect an individual page of a website using WordPress's native protection option.
To set your own password for a page, follow these steps:
- On a page or post, locate the Publish box in the top right corner
- Click the Edit link next to Visibility
- Choose the Password Protected radio button
- Set your desired password
- Click the OK button
- Click the blue Update button to save your changes
- Do not use your NetID password for your protected page.
- This option will not protect media files that are added to the page. If you upload a file to this page, the URL of the file is still publicly accessible if shared directly. If you require protection for media, we suggest uploading to UW Box.
- Protected pages should still not be used for sharing sensitive/restricted data. WiscWeb is not secured to host any sensitive/restricted data. See WiscWeb - Sensitive, Restricted, and Internal Data Policy.
- Anyone with the password - even those outside of the organization - will be able to get to content protected in this manner.
This option will allow you to lock a page down to NetIDs. This does not integrate with Manifest Groups and should not be used to lock down all pages of a site.
WordPress offers the option to publish pages as "Private" rather than public. This option is located in the Publish box in the top right corner of a page or post.
When a page or post is published to Private, it can only be viewed by Admins and Editors of the project. They will be prompted with the standard NetID login screen if not already logged in to Shibboleth. After logging in with NetID credentials, they will be brought to the page content. (Note: this option is only recommended for standard Pages and Posts)
If a user who is not an Admin or Editor on your site attempts to access the page, they will be brought to WiscWeb's standard 403 error page.
To publish a page as private, click the Edit link next to Visibility. Click on Private and choose OK. Then click the blue Update button to save your changes.
In WordPress, you have the option to turn off the ability for search engines to index your site. This setting is located in your site's Reading settings (Settings > Reading). The option is unchecked by default, but can be activated if your preference is for your site to not appear in search results. This will mean that users who have the exact URL of the site can still get to it, but the likelihood of someone stumbling across it is decreased. Also, the site should not appear in campus or Google searches.
Please note that it is up to the individual search engine to honor this request.
The UW KnowledgeBase (KB) is an ideal location for secure content as it allows for several options for protection. These various options are detailed in their own documentation. In general, though, you can use the KnowledgeBase to lock down web content to all NetIDs or a select list of users.
Once your KB documentation is created, you can integrate it with an existing WiscWeb project by linking out to the content or by utilizing the KB Search plugin.
For questions about the KnowledgeBase, please contact the KB team: firstname.lastname@example.org
If the content that you need protected is just media (JPG, PNG, PDF, and other files), we strongly recommend moving these over to UW Box, where you can more easily maintain access to these docs.UW Boxallows for robust permission and archival settings. Additionally, files loaded here can easily be shared with users located both on and off campus. To utilize this option, simply upload the files to Box, set the permissions, and then link to the documents and images from the webpage.
If you're looking to lock down an entire website at the root, a nice option might be to use SharePoint. More information can be found in Microsoft 365 - Getting Started with SharePoint Online.
- Protected sites or pages may not export data to Google Analytics. The tracking cookie will not be able to capture user interaction with your site if the site or page is not public.