Hi Mike, the only user accounts you need to have on public instance are those that you want to allow direct access to the public instance or those that activate content to public instance. You can further reduce number of accounts needed on public if you use workflow for activation in which case, superuser account is the only one needed (plus the users you want to grant direct access to).
Another measure to increase security is to allow access to /.magnolia* URI only from the IP that belongs to author instance (and possibly from extra few IP addresses from which you want to be able to login to AdminCentral). HTH, Jan On Aug 21, 2012, at 6:55 PM, Mike Wilson (via Magnolia Forums) wrote: > In our Magnolia Enterprise installation we have a large number of users > allowed to change content on the author instance. > > For security reasons we do not want to expose all these user accounts on the > public instances as these are more subject to hacker attacks. > > What alternatives are there to limit the user account data needed by public > instances? > > Best regards > Mike Wilson > > -- > Context is everything: > http://forum.magnolia-cms.com/forum/thread.html?threadId=bd703c72-4bf1-441c-8690-372661961b5a > > > ---------------------------------------------------------------- > For list details, see http://www.magnolia-cms.com/community/mailing-lists.html > Alternatively, use our forums: http://forum.magnolia-cms.com/ > To unsubscribe, E-mail to: <[email protected]> > ---------------------------------------------------------------- ---------------------------------------------------------------- For list details, see http://www.magnolia-cms.com/community/mailing-lists.html Alternatively, use our forums: http://forum.magnolia-cms.com/ To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
