How to Set up IP Whitelisting
0 Replies |
Tunring on SAML in DozukiDiscussion Topic |
1 Answer |
Private Category Flag for Admins or Teams |
Overview
Dozuki offers a variety of security settings that you can adjust to customize your site and make it easy and secure for your users to access your site content.
From IP Whitelisting and SSL to SAML and Google Login, we've got you covered!
All How-To Guides
Privacy
IP Whitelisting
As an added security feature, you can elect to limit your site access to specific IP addresses with IP Whitelisting. If you have this feature included on your plan, this is where you include your list of IP addresses you wish to whitelist. All other IPs will be blocked from accessing your site.
Public Registration
If you have a Public site that allows access to all internet visitors, you have the option to allow users to register for user accounts on your site without an invitation. This is particularly useful if you are trying to encourage an ever-growing online community through your site.
If you have a Private site that is invitation-only anyway, this option will not appear in your Privacy settings.
Selecting and Filtering Filetypes Site-Wide
The File Type Whitelist allows you to cherry-pick exactly which filetypes you wish to allow or block on your Dozuki site, providing a strong balance of flexibility and security.
Navigate to Configuration > Security on the Management Console, then scroll down to Supported Files.
SSO
Single Sign On (SSO) allows you to use third party programs to authenticate users into your Dozuki site.
Select which type of Single Sign On you want to enable by editing this setting:
SSO: Role Attribute Prefix
Once SSO is enabled on your Dozuki site, you have the option to add a role attribute prefix. This helps when syncing to third-party IdPs and will allow roles to be passed as dozuki-<role>
(dozuki-admin
, dozuki-author
, etc.)
Note: Dozuki defined roles (admin, author, user, etc.) cannot be customized.
Dozuki SSO
Instructions for setting up SSO with the most common third-party authentication programs are here:
SAML
Security Assertion Markup Language (SAML, pronounced sam-el) is an XML-based, open-standard data format for exchanging authentication and authorization data between parties. In particular, it functions between an identity provider and a service provider.
SAML allows the users of your organization to be automatically signed in when they visit your Dozuki site. By configuring your current Identity Provider for use with Dozuki as a Service Provider, you can administer user accounts through your existing ADFS/LDAP or other SAML provider.
For more information about setting up and using SAML, visit the following page:
SSL
SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral.
SSL is always enabled on Dozuki sites to ensure security unless content is explicitly requested from your site's Custom Domain.
Google Log in
Make it easier for users to access your site by letting them log in with their preexisting Google account.