
Smallsite Design

Online management help

Settings

Settings allows specifying the operational values for a site.

Access

This section contains flags for whether the site is to use 2-factor identification and enhanced accessibility presentation.

The fields are:
1. Accessibility: If turned on, the whole site will show links as underlined and not justify text. A logged-in user can set their own accessibility preference.
2. 2-factor login: If turned on, after a password is submitted, an email is sent to the user's email address with a link which, when clicked, allows entry to the management pages, after which the resulting browser page can be closed. This ensures that someone logging in is likely to be the legitimate user. However, this process relies upon the user having the only access to their emails.

These are turned off by default.

Values

This section covers site-wide values used by Smallsite Design.

The fields are:
1. Site ID: Short identifier used as the prefix for archive file names. This uses basic Latin alphabetic characters so that it should display properly in all operating systems.
2. Site name: Site name that is appended to the hidden title tag of a page in a browser. The full text of that tag will usually be displayed in the browser tab for the page.
3. Copyright owner: Name of the copyright holder for the site. It will be the legally registered name for a business, or an individual's full name. It appears in the footer for a page.
4. Registration name: Name of the type of registration for the next field. It is provided to show information like business registration numbers that may be legally required to be displayed. If this field is blank, no registration details will appear in page footers.
5. Registration ID: Identifier or number for the type of registration in the previous field.

Examples for these fields are:
1. Site ID: sd as an identifier for Smallsite Design
2. Site name: Smallsite Design
3. Copyright owner: Patanjali Sokaris or Company Pty Ltd
4. Registration name: ABN for Australian Business Number
5. Registration ID: 14 326 274 274

Mime types

Mime types define how the web server processes files so that they display properly.

Warning

Only change these if you really know what you are doing. Incorrect settings may affect how some files are displayed and processed.

Working values have already been supplied. These settings have only been provided to cater for future changes that may be required, such as for new multimedia file formats.

The currently recommended mime types that you can cut-and-paste from here are:

csv=text/csv
epub=application/epub+zip
flac=audio/flac
gif=image/gif
ico=image/x-icon
jpg=image/jpeg
m4a=audio/mp4
mp3=audio/mpeg
mp4=video/mp4
oga=audio/ogg; codecs="vorbis"
ogv=video/ogg; codecs="theora, vorbis"
pdf=application/pdf
png=image/png
txt=text/plain
webm=video/webm; codecs="vp8.0, vorbis"

While technically a file with a specific extension may have multiple mime types associated with it, Smallsite Design is keeping it simple by allowing only one mime type per extension. In those rare cases where a mime type extension is already used, an alternate extension will need to be specified here for the new mime type, and any files expected to use it need to be renamed to use the new extension before uploading them.

Settings

These settings facilitate site stability and operation.

Warning

Only change these if you really know what you are doing. Incorrect settings may make parts or all of the site inaccessible, or expose it to exploitation.

Working values have already been supplied. These settings have only been provided to cater for future changes that may be required.

The fields are:
1. Unwanted crawlers: Web site crawlers that excessively scan sites while generally providing little benefit for them. These are typically scanning for the benefit of their business customers, rather than helping the discovery of the scanned sites by the general public. However, some may benefit your site, so do your research. If you want one to crawl your site, delete its name and its associated | character.
2. Additional schemes: Names of communication protocols, other than https, separated by |, that external sites might need at the front of their URLs for some of the services they offer. The insecure http scheme cannot be added. For almost all external sites likely to be linked to, no schemes have to be added here.

The currently recommended values that you can cut-and-paste from here to your site are:
1. Unwanted crawlers: PetalBot|AhrefsBot|SemrushBot|SeznamBot|Mail.RU_Bot
2. Additional schemes: None

There are many words that should never be used in the Unwanted crawlers setting, such as browser names like Mozilla or Safari, or the names of operating systems. That is because most browsers cite many of these names in their compatibility text to ensure that sites that sniff for browsers to determine how to render the page will show the full page. However, if any of these words are listed here, the site's pages will be hidden from many, if not all, visitors.

For example, a typical browser user agent string for Chrome on Windows is:
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
while that for Safari on an iPhone is:
Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.2 Mobile/15E148 Safari/604.1.

If adding a bot name to this list, ensure it is exactly as it appears in browser user agent strings, such as in server logs, including case.
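
A way to check a proposed Unwanted crawlers value before saving it, as an added example that is not part of Smallsite Design's own code. It assumes a request is refused when any listed name is a case-sensitive substring of the user agent; the crawler user agent strings are constructed for illustration.

```python
# Added example. Assumption: a request is refused when any listed name occurs
# as a case-sensitive substring of its User-Agent header.

# The two browser user agent strings quoted on this page.
BROWSER_UAS = {
    "Chrome on Windows": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) "
        "AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36",
    "Safari on iPhone": "Mozilla/5.0 (iPhone; CPU iPhone OS 15_3_1 like Mac OS X) "
        "AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.2 Mobile/15E148 Safari/604.1",
}
# Constructed crawler user agents (not copied from real logs).
CRAWLER_UAS = {
    "PetalBot": "Mozilla/5.0 (compatible; PetalBot; +https://example.invalid/bot)",
    "AhrefsBot": "Mozilla/5.0 (compatible; AhrefsBot/7.0; +https://example.invalid/bot)",
}

def parse_setting(value):
    """Split the |-separated setting; return (names, number of empty entries)."""
    parts = [p.strip() for p in value.split("|")] if value.strip() else []
    return [p for p in parts if p], sum(1 for p in parts if not p)

def matches(names, user_agent):
    """Names from the list that occur in the user agent, compared with case."""
    return [n for n in names if n in user_agent]

def audit(value):
    """Report what a proposed setting would do to the sample user agents."""
    names, empty = parse_setting(value)
    return {
        # Browsers real visitors use that the list would hide the site from.
        "browsers_blocked": {label: hit for label, ua in BROWSER_UAS.items()
                             if (hit := matches(names, ua))},
        # Crawlers the list was meant to catch but does not (e.g. wrong case).
        "crawlers_missed": [label for label, ua in CRAWLER_UAS.items()
                            if not matches(names, ua)],
        # A stray | leaves an empty name, which is a substring of every string.
        "empty_entries": empty,
    }

if __name__ == "__main__":
    for setting in ("PetalBot|AhrefsBot|SemrushBot|SeznamBot|Mail.RU_Bot",
                    "PetalBot|Safari", "petalbot|AhrefsBot|"):
        print(setting, "->", audit(setting))
```

A clean result has no blocked browsers, no missed crawlers and no empty entries; the recommended value above passes all three.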

Password checking

These settings configure how user passwords are checked against those that have been leaked.

Warning

Only change these if you really know what you are doing. Incorrect settings may affect whether passwords are checked properly or at all.

Working values have already been supplied. These settings have only been provided to cater for future changes that may be required.

The fields are:
1. Status: Whether checking passwords at login is enabled.
2. URL: Prefix to the URL of the checking provider's command internet address. The parameters to check a password are added to this. If blank, no password checking is done.
3. Hash protocol: Name of the method used to generate the hash from the password.
4. Characters: Number of the first characters of the hashed password added to the URL.

The currently recommended values that you can cut-and-paste from here to your site are:
1. Status: Enabled
2. URL: https://api.pwnedpasswords.com/range/
3. Hash protocol: sha1
4. Characters: 5

The current settings are for a service provided by Troy Hunt and his Have I been pwned web site, which uses Cloudflare to service the huge number of daily requests in a timely manner at the edge servers of its cloud infrastructure. His database contains half a billion leaked passwords.

The process uses what is known as k-anonymity to allow secure transmission of passwords. It involves hashing the password, and sending off the first few characters. A list of several hundred remainders of hashes that match that prefix is returned. If the tail end of the hash of the actual password is on the list, it is compromised.

Smallsite Design checks the password at login if more than a day has elapsed since the previous check. If the check fails, a highlighted notice will be displayed, prompting the user to change to another password, which will also be rejected if it fails when checked.
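
The k-anonymity check described above, worked through with the recommended settings (sha1, 5 characters), as an added example that is not Smallsite Design's own code. It runs offline: the response body is constructed here in the SUFFIX:COUNT line format of the range service, and its counts are made up.

```python
import hashlib

URL_PREFIX = "https://api.pwnedpasswords.com/range/"  # URL setting from this page

def split_hash(password, algorithm="sha1", characters=5):
    """Hash the password; return (prefix that is sent, remainder kept locally)."""
    digest = hashlib.new(algorithm, password.encode("utf-8")).hexdigest().upper()
    return digest[:characters], digest[characters:]

def range_url(password):
    """URL that would be requested: only the hash prefix leaves the site."""
    prefix, _ = split_hash(password)
    return URL_PREFIX + prefix

def parse_range(body):
    """Parse 'SUFFIX:COUNT' lines into a dict, skipping malformed lines."""
    found = {}
    for line in body.splitlines():
        suffix, sep, count = line.strip().partition(":")
        if sep and count.isdigit():
            found[suffix.upper()] = int(count)
    return found

def leak_count(password, body):
    """Times the password appears in the returned list; 0 means not listed."""
    _, suffix = split_hash(password)
    return parse_range(body).get(suffix, 0)

def constructed_response():
    """Constructed response body for the prefix of 'password' (counts made up)."""
    _, leaked_suffix = split_hash("password")
    return "\r\n".join([
        "0018A45C4D1DEF81644B54AB7F969B88D65:3",
        leaked_suffix + ":42",
        "FFFFA45C4D1DEF81644B54AB7F969B88D65:1",
    ])

if __name__ == "__main__":
    body = constructed_response()
    print(range_url("password"))
    print("password ->", leak_count("password", body))
    print("other    ->", leak_count("a long constructed passphrase 7391", body))
```

The comparison against the returned remainders happens locally, so the provider only ever sees the first five characters of the hash.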


Powered by: Smallsite Design © Patanjali Sokaris   art-a 3 0 2020-10-05-19-42-50