WordPress.org

Ready to get started?Download WordPress

Forums

Friends Only
[resolved] working with WP privacy settings (noindex,nofollow) (23 posts)

  1. gorky5
    Member
    Posted 2 years ago #

    I've been using this plugin to limit access to a photo gallery of my young son, so only selected friends and family members can access it. It generally works well, so thanks for creating it.

    When I set the website up I blocked search engines in Settings > Privacy, which added meta name=robots content='noindex,nofollow' to the pages within the site. However, Friends Only doesn't seem to take any notice of this setting, meaning that the password page (effectively the new homepage) of my site is now listed by search engines.

    Is there any chance of an update to the plugin so it takes note of the privacy settings? I'd have thought that many people who want to restrict access would also like their site not to be listed by search engines. I could block spiders via htaccess but thought I should raise it here too.

    http://wordpress.org/extend/plugins/friends-only/

  2. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    Thanks for pointing this out!

    Just uploaded v0.4.4 to the repository with a fix for this, let me know how you go.

    Please rate the plugin in return. :)

    Cheers,

    Gabe

  3. gorky5
    Member
    Posted 2 years ago #

    Thanks Gabe. What a great response.

    Noindex,nofollow is now working fine. However, I've noticed that the doctype is missing from the page source of the password page (it was there before the latest update).

    It's not really a big deal because the page is so simple and should render fine in most browsers, and in my case the site is only used by a handful of people so I'm not so worried. I thought it might be worth letting you know about though.

    Thanks again,

    Joe

  4. flyw
    Member
    Posted 2 years ago #

    Hi,

    First i want to say that your plug-in is great to make a simple access for a page or a complete site, simple to use and it works perfectly.

    I have only 1 question, is it possible to put most than one email in the "Email notification"?
    I tried with a coma, between 2 email, but it seems it blocks all emails after.

    Ty by advance for your answer

    Best regards

    flyw

  5. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    @gorky5 - DOCTYPE issue fixed

    @flyw - you can now specify multiple emails for notification (separated by commas).

    Check out v0.4.5 uploaded to the repository just now.

    Gabe

  6. flyw
    Member
    Posted 2 years ago #

    You are great !!!
    And now it's writing, "friends only notification"
    very good !

    All works fine
    ty very much for your work

    best regards

    Flyw

  7. gorky5
    Member
    Posted 2 years ago #

    Great stuff. Thanks Gabe! I gave you a good rating on the plugin page :)

  8. flyw
    Member
    Posted 2 years ago #

    Hi Gabe

    Another little thing.
    I see, there is a time limit for the connection, because after some minutes we are disconnected.
    For me, this time is too short.
    It is possible to adjust this time limit ?

    Thanks

    Best regards

    Flyw

  9. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    Flyw - the cookie is currently set to expire when the browser session is closed (i.e. when the user shuts down the web browser).

    I chose this because it's more intuitively secure than a number of minutes (because there's no 'logout' function, the user has no direct control over closing the session apart from closing the browser).

    If I used a count of minutes, the user might close the browser and then someone else opens it up and accesses the site,etc.

  10. flyw
    Member
    Posted 2 years ago #

    Hi Gabe

    The only problem i meet is :
    for example, when you log in, you are on the homepage, and when you change on other page, the log in page appear again.
    What is the issue to resolve this problem.

    i just finished this site wich my client want a restricted access.
    http://www.providence-ams.fr
    password: friendonlytest@providence.fr

    ty for your advise

    Best regards

    flyw

  11. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    Just tried it, and saw the bug you talked about once, but then I tried again and it didn't happen.

    I'll keep it as something to look at later, but can you try with different browsers?

    I think it's a cookie bug somewhere, but I'm not sure where.

  12. flyw
    Member
    Posted 2 years ago #

    how you are fast !!!

    Then i just tried with, chrome, explorer, ffx and safari and i have always the same result.

  13. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    Hmm. Do you have any privacy settings or privacy software that might affect whether your browsers are storing / blocking cookies?

    Have you tried on another computer?

  14. flyw
    Member
    Posted 2 years ago #

    1)No i don't think so.
    2)I see this problem from the other visitors like you and others around 10 i think all the visitors has this problem.(with the connection's information email).

  15. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    Hmm. Maybe it's a bug with the way I've implemented cookies (though I haven't heard anyone complain about this before), or maybe it's another plugin or the theme you're using interacting with Friends Only in a strange way.

    I'll put it on my list of things to look into, but likely won't get to it for a while.

  16. flyw
    Member
    Posted 2 years ago #

    ok Gabe I Wait and see.
    Thank you for your interest

    best regards
    Flyw
    http://www.fbmediaworks.com

  17. wsugimoto
    Member
    Posted 2 years ago #

    Hello, I was just wondering if there is a limit on how many friends you can have? Thank You!

  18. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    I think there's a limitation in MySQL of 65kB for text fields.

    So it's not the number of addresses but rather the size of the text file.

    Hope that helps.

    Gabe

  19. wsugimoto
    Member
    Posted 2 years ago #

    Hi Gabe, thank you for the response! Not to sound stupid, but just so that I understand correctly.....there is limit on the text field itself, but I am able to add as many friends as I want correct?

  20. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    The number of friends depends on the length of their email addresses.

    If the length of email addresses is 12 characters on average, then you should be able to have about 5000 people.

    For addresses that are 15 characters long, you should get around 3800.

    Maximum friends = 65000 / (Average Email Length + 1)

  21. wsugimoto
    Member
    Posted 2 years ago #

    Ah, thank you so much for the information! That's a nice plug in you have!

  22. maisje
    Member
    Posted 2 years ago #

    Hi Gabe, great plugin! :) I have a question. I made a website for my son and wanted it to be only accessible for family and friends. I am not using email addresses, because for instance, if someone knows my parents email address, they can log in and I don't want that. So I am using a password instead of email addresses. One password that I am sending to friends and family. I will change this password regularly. Is this secure?

  23. Gabe
    Member
    Plugin Author

    Posted 2 years ago #

    Maisje,

    First, and most importantly: Friends Only is not intended to be a security system for your blog. Rather it's a mechanism for filtering readers, to (hopefully) provide access to your blog to (mostly) those who you intended.

    Nobody should treat Friends Only as something that provides 'security'. It's not robust, and it possibly has its own security holes that might allow smart people through (I'm no security expert, and I don't know how to assess the security of the plugin code).

    Some things to consider, though:

    The permitted email addresses list (or the password you use) is stored in plain text in the WordPress database, so if someone hacks your server they will easily discover the password / email addresses.

    Of course, the people you email the 'password' to can share this with others easily, and if you're emailing people a password then you have to trust that their email accounts / computers are also 'secure' from sniffing / hacking.

    Hope that makes sense.

    Gabe

Topic Closed

This topic has been closed to new replies.

About this Plugin

About this Topic