10 Settings
Settings allows specifying the operational values for a site.
Access
This section contains flags for enabling extra access or other functionality.
# | Name | Description |
---|---|---|
1 | Accessibility | If turned on, the public site will change pages to include several Accessibil |
2 | 2-factor login | If turned on, after submitting a password, an email will be sent to the user's email with a link which when clicked will allow entry to the management pages, after which the resulting |
3 | Guest mode | If turned on, |
4 | Strict Done | If turned on, hides the |
These are all turned off by default. Only turn on
Values
This section covers site-wide values used by Smallsite Design.
# | Name | Description |
---|---|---|
1 | Site ID | Short identifier used as the prefix for archive file names. This uses basic ASCII alphabetic characters so that it should display properly in all operating systems. When a site is created, this is set to sd for Smallsite Design |
2 | Site name | Formal name for the site |
3 | Copyright owner | Name of the copyright holder for the site. If specified, it should be the legal name for a business or an individual. It appears in page footers |
4 | Registration name | Name of the type of registration for the next field. It is provided to show information like business registration numbers that may be legally required to be displayed. If this field is blank, no registration details will appear in page footers |
5 | Registration ID | Identifier or number for the type of registration in the previous field. If this field is blank, no registration details will appear in page footers |
6 | Guest password | If a |
Any of these values can be shown on a page by selecting the corresponding option for the
# | Name | Example |
---|---|---|
1 | Site ID | sd as an identifier for Smallsite Design. Default for a new site, but needs changing as part of step 3 of |
2 | Site name | Smallsite Design |
3 | Copyright owner | Patanjali Sokaris or Company Pty Ltd |
4 | Registration name | ABN for Australian Business Number |
5 | Registration ID | 14 326 274 274 |
Search
These settings are to specify an external search provider rather than using the internal facility.
Only change these if you really know what you are doing.
Incorrect settings may hobble the search facility altogether.
# | Name | Description |
---|---|---|
1 | Status | Whether the specified external search provider is used |
2 | URL | Provider's URL address |
3 | Query attribute | Name of the attribute to hold the typed in query to send to the provider |
4 | Site attribute | Name of the attribute to hold the site's domain name to send to the provider |
# | Name | Current recommendation |
---|---|---|
1 | Status | Enabled |
2 | URL | https://duckduckgo.com/ |
3 | Query attribute | q |
4 | Site attribute | sites |
The values are initially blank and the facility is disabled. If disabled, or any of the values are removed, use of an external provider is disabled and the internal search facility is used.
Do not use Google because unless a site is very popular, they will ignore 95% of the pages. Bing will list 100% of a site's pages, but they do not have a
Not all search providers have all the attributes suitable for this facility. Also, the attributes have to be submitted within the form rather than as part of the URL, where the queries used may be leaked in browser histories.
MIME types
MIME types define how the web server processes files so that they display properly in a browser page.
Only change these if you really know what you are doing.
Incorrect settings may affect how some files are displayed and processed.
Working values have already been supplied. These settings have only been provided to cater for future changes that may be required, such as for new multimedia file formats. No entries are required for file types that will only be downloaded and not viewed in a browser or played.
csv=text/csv
epub=application/epub+zip
flac=audio/flac
gif=image/gif
ico=image/x-icon
jpg=image/jpeg
m4a=audio/mp4
mp3=audio/mpeg
mp4=video/mp4
oga=audio/ogg; codecs="vorbis"
ogv=video/ogg; codecs="theora, vorbis"
pdf=application/pdf
png=image/png
txt=text/plain
webm=video/webm; codecs="vp8.0, vorbis"
webp=image/webp
While technically a file with a specific extension can have multiple MIME types associated with it and vice versa, Smallsite Design is keeping it simple by allowing only one MIME type to map to one extension. In those rare cases where a MIME type extension is already used, an alternate extension will need to be specified here for the new MIME type, and any files expected to use it need to be renamed to use the new extension before uploading them.
However, adding a MIME type here only allows it to be played on a page if a suitable handler for the file, like a codec for a media file, is already installed on the device or in the browser.
Settings
These settings facilitate linking to other sites or web services.
Only change these if you really know what you are doing.
Incorrect settings may inadvertently expose confidential information, or prevent search engines listing site content.
Working values have already been supplied. These settings have only been provided to cater for future changes that may be required.
# | Name | Description |
---|---|---|
1 | Disallowed agents | Names of web-crawling robots (bots), separated by |, that are to ignore the site. Each will have an entry in the site's |
2 | Additional schemes | Names of communication protocols, other than https, and separated by |, that external sites might need at the front of their URLs for some of the services they offer. Cannot add the insecure http scheme |
# | Name | Current recommendation |
---|---|---|
1 | Disallowed agents | GPTBot |
2 | Additional schemes | – |
The insecure http scheme cannot be added to
Password checking
These settings configure how user passwords are checked against those that have been leaked.
Only change these if you really know what you are doing.
Incorrect settings may affect whether passwords are checked properly or at all.
Working values have already been supplied. These settings have only been provided to cater for future changes that may be required.
# | Name | Description |
---|---|---|
1 | Status | Whether checking passwords at login is enabled |
2 | URL | Prefix to the URL to the checking provider's command internet address. The hash prefix to check a password is added to this |
3 | Hash algorithm | Name of the method used to generate the hash from the password |
4 | Characters | Number of the first characters of the hashed password added to the |
# | Name | Current recommendation |
---|---|---|
1 | Status | Enabled |
2 | URL | https://api.pwnedpasswords.com/range/ |
3 | Hash algorithm | sha1 |
4 | Characters | 5 |
The current settings are for a service provided by Troy Hunt and his Have I Been Pwned web site, using Cloudflare to service the huge number of daily requests in a timely manner at the edge servers of their cloud infrastructure. The database contains half a billion leaked passwords.
The process uses what is known as k-anonymity to allow secure password testing. It involves hashing the password and sending off only the first few characters of the hash. A list of several hundred remainders of hashes that match that prefix is returned. If the tail end of the hash of the actual password is on the list, the password is compromised. The hashing makes it virtually impossible to determine the password, and so little of the hash is actually transmitted that doing so becomes even less feasible.
The password is checked at login if more than a day has elapsed since the previous check. If the check fails, a highlighted notice will be displayed, prompting the user to change to another password, though that does not have to be done immediately. The master manager will be notified if a login check fails. New passwords are also checked, and if rejected, another will need to be provided.
If the facility is disabled, any of the fields are blank, or the target password checking site is not available, login will proceed as if the check had passed, so that access to the site is not prevented. If any of the values are removed, the facility will be disabled.
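The range check and its pass-on-failure behaviour described above, as an added example that is not Smallsite Design's own code. It uses the recommended values from the table; the function names, the `fetch` parameter and the sample provider response are assumptions constructed for illustration.

```python
import hashlib
import urllib.request

# Values from the "Current recommendation" table above.
SETTINGS = {"status": True, "url": "https://api.pwnedpasswords.com/range/",
            "algorithm": "sha1", "characters": 5}

def split_hash(password, settings=SETTINGS):
    """Return (prefix sent to the provider, remainder that never leaves the site)."""
    digest = hashlib.new(settings["algorithm"], password.encode("utf-8")).hexdigest().upper()
    return digest[:settings["characters"]], digest[settings["characters"]:]

def http_fetch(url):
    """Real lookup: a GET whose URL carries only the hash prefix."""
    with urllib.request.urlopen(url, timeout=5) as resp:
        return resp.read().decode("ascii")

def is_compromised(password, settings=SETTINGS, fetch=http_fetch):
    """True only when the provider's list contains this password's hash remainder."""
    required = ("status", "url", "algorithm", "characters")
    if not all(settings.get(key) for key in required):
        return False                      # disabled or a blank field: treated as a pass
    prefix, remainder = split_hash(password, settings)
    try:
        body = fetch(settings["url"] + prefix)
    except OSError:
        return False                      # provider unavailable: login is not blocked
    # Each response line is "<hash remainder>:<times seen>".
    return any(line.partition(":")[0].strip().upper() == remainder
               for line in body.splitlines())

def sample_fetch(url):
    """Constructed stand-in for the provider so the example runs offline."""
    return "\r\n".join(["0" * 35 + ":3",                       # constructed filler
                        split_hash("password")[1] + ":12345",  # constructed count
                        "F" * 35 + ":1"])                      # constructed filler

def unavailable(url):
    """Constructed outage to exercise the pass-on-failure path."""
    raise OSError("constructed outage")

if __name__ == "__main__":
    print(is_compromised("password", fetch=sample_fetch))
    print(is_compromised("password", fetch=unavailable))
```

Because an unreachable provider counts as a pass, a run of skipped checks is worth logging so that an outage does not silently disable the control.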