The Site Security section of Site Settings allows you to control who can edit pages, make new pages, and upload attachments to your site.
Default View and Edit Policy
The Default View and Edit Policy controls who can edit and view pages by default. When your site is created, this is set to "Public View, Administrator Edit". This means anyone (public) can view the pages on your site, but only administrators (you) can edit the page content.
If your site is just for personal use and you don't want anyone but you to see its content, choose "Administrator View, Administrator Edit".
To create a public wiki, choose "Public View, Public Edit" or "Public View, Registered Edit". Registered users are users who have registered on the site, or users to whom you have given access after creating accounts for them (see Registrations for more about Registered Users).
Say you are a teacher and will use your wiki as a classroom collaboration tool. You might create accounts for each of your students, and then use "Registered View, Registered Edit". This will force students to login to view the site, and ensure that their edits are captured along with their login name for your tracking purposes.
If you have created one or more Policies, you can specify one of them as the default Security section. (This option does not appear until at least one Policy has been created using the Policies section of Site Settings.
You can over-ride these settings for individual pages. For example, this help site is set to "Public View, Registered Edit", but some pages, such as the Home page and the Menu, are set to "Public View, Administrator Edit". See Page Security Settings for more on over-riding the default security settings and a helpful table explaining each of the EditMe security settings.
Use this setting to define who can create new pages on your site. It is important to understand that only users who can edit pages by default (according to the Default View and Edit Policy above) can create pages. In other words, allowing Public page creation will have no effect if your default security policy is "Public View, Administrator Edit". (There is an exception to this rule: see the paragraph on enabling sticky page security below).
That said, this setting can be used to limit page creation for users who have been given default Edit permission by the Default View and Edit Policy. For example, this site's Default View and Edit Policy is set to "Public View, Registered Edit". Normally, this would mean that any registered users can edit and create pages. But the Creating Pages setting is set to "Administrators Only". Therefore, registered users cannot create new pages, but only edit existing pages.
Choose the Sticky Page Security option to allow users to create new pages from any page that they can edit, and make new pages default to the security set on the page last viewed by the user who creates the page. This setting is useful for sites that employ custom security policies (see Policies). For example, you can allow only users in certain groups to edit certain pages. With this option, those users will only see the "New" page link on pages they can edit. When they create a page there, it will inherit the security of the page that they could edit. This keeps users from creating pages that they can't edit and from creating pages that users in other groups should not see.
Like the page creation setting above it, this setting is restricted by the Default View and Edit Policy. For several important reasons discussed below, only Administrators can attach files to the site by default.
Selecting "Anyone" will allow anyone who can edit pages, according to the Default View and Edit Policy, to upload files to your site.
Selecting "Registered Users" will allow only registered users to upload files. Use this if you have opened up your site for public editing, using the "Public View, Public Edit" security policy, but want to limit uploads to registered users who you have explicitly given access (see Registrations).
Selecting "Custom User Group" will allow members of the selected group only to upload attachments. This option will only appear if one or more Groups have been created using the Groups section of Site Settings.
Selecting "Administrators Only" will allow only you and other administrative users you create to upload attachments to your site.
Beware! Allowing Public or unknown Registered users to upload attachments could potentially result in harmful files such as viruses on your site. Malicious individuals could also use your site as a storage space for unrelated files, exploiting your site for its disk space and bandwidth resources. For these reasons, EditMe strongly recommends against enabling anonymous attachment uploads. EditMe will not be held responsible in any way for damages resulting from harm to EditMe account holders or users of their sites when public or anonymous attachment uploads are enabled.
This section works similarly to the previous sections, but affects the ability to post comments. The added button labelled "Disable" allows the comments feature to be disabled altogether. If selected, even existing comments on pages will be hidden from view (although they will not be deleted from the site). You can also disable comments on individual pages. See Page Properties for more information.
Captchas are a feature to help prevent spammers from automating the posting of spam to your site with simple scripts. This feature can be enabled for any of the following areas: Editing Pages, Uploading Attachments, Entering Comments, and Registering. If enabled, the user will be presented with an image on the edit, comment, attachment, or registration form. The image, called a Captcha, displays a short word in mildly distorted text. This image is difficult for automated scripts to read. The user must type in the word they see before they can submit the form. While this doesn't prevent spammers from manually entering spam on your site, it will cut down the massive amount of spam caused by scripts. It's important to remember when testing captchas on your site that they are never displayed for administrator users.
Back to Site Administration