Protected your website before launch with HTTP basic authentication. The module allows you to set a username and password and enable and disable them on the fly.
You need:
- PHP >= 5.6.0
- Drupal >= 8.2
Install with composer require drupal/protect_before_launch and enable from your admin panel or use drush: drush en protect_before_launch -y.
If you discover any security related issues, please email devmonk@mediamonks.com instead of using the issue tracker.
The configuration form can be found in the admin interface:
Admin > Configuration > Development > Protect Before Launch.
The module allows you to set the following options:
- Protection
- Realm
- Denied Content
- Authentication Type
- Username
- Password
- Exclude Paths
- Environment Key
- Environment Value
Can be disabled, enabled or be controlled by the environment.
When it is set to "Auto Enabled by Environment" the module will look for the environment variable and when this is set it will enable the password protection.
When also the Environment Value is set the the module will check if the value in the variable is set matches before enabling.
This is the message that appears in the authentication box of the browser.
This is the content that will be outputted to the user if credentials can't be validated if the site is currently under protection.
The module allows you to use the Drupal user database to authenticate against an existing user or use a username and password. This username and password stored is independent from the Drupal user database.
Default username and password is set to:
username: username
password: password
Make sure you change these when using the built-in authentication option!
The exclude paths option allows you to set (pcre) patterns. When the url matches an exclude path for that path protection will be disabled.
By default the environment key is set to "AH_NON_PRODUCTION" to work correctly with Acquia Hosting. Set the protection mode to "Auto Enabled by Environment" and all non-production servers will be password protected automatically.
These console commands are available when using Drupal Console:
protect_before_launch:protect [disabled | enabled | environment]
Enable / Disable the password protection
protect_before_launch:username [<username>]
Set the username to authenticate against.
protect_before_launch:password [<password>]
Set the password to authenticate against.
protect_before_launch:environment [<key>] [<value>]
Set the environment environment key and environment value
protect_before_launch:environment [<key>] --no-value
Set the environment environment key without environment value
The GPL version 2. Please read more about Licensing in Drupal.