Hiding documents and creating private areas

In most circumstances, MKDoc documents are available for wide distribution via as many channels as possible:

Clean and clear navigation lets users and search engines find existing documents.
RSS XML syndication, headlines and email newsletters allow visitors to discover new content.
Extensive metadata such as audience categories and Dublin Core Metadata make searching and indexing more accurate.

Limiting the distribution of documents is sometimes necessary for various reasons:

A press-release needs to be written now, but not published for several days.
Reference material exists on the site that isn't interesting to the general public.
There are documents and areas which should only available to a private group of users.
Work-in-progress has to be approved before publication.
Partially-trusted users shouldn't be able to edit anything on the public area of the site.

This article explains the technique for shutting-down access channels so these documents can't be found.

Creating a hidden or private document

Simply create or rename a document so that the URI_name (the part that appears in the navigation bar in your browser) starts with either of these magic words: private- or hidden-.

For example, these documents will only appear to exist for logged-in editors:

http://www.example.com/help/private-area/

http://www.example.com/press-releases/hidden-test/

What is the effect?

Make a document hidden and links to the document disappear from everywhere: navigation, sitemap, headlines, RSS, newsletters etc… In addition, any documents attached to that document are themselves hidden — no matter how many there are or how deep the tree is.

Users with editor accounts can see these documents, so if you want to create an intranet, just create a document called hidden-intranet and start adding stuff there.

What else can MKDoc do?

MKDoc uses standard http-authentication, so there are any number of ways of using existing authentication systems to provide fine grained control over who has access to particular documents.

For example, if only two users, sue and bob, are allowed to access hidden documents, then you might configure the apache web server like this:

<LocationMatch /(private|hidden)->
    AuthName "Editors only - Keep Out!"
    AuthGroupFile /var/www/mkdoc/sites/example.com/httpd/groups
    Require group editors
</LocationMatch>

The groups file then needs to contain a list of editors:

editors: sue bob

Document Links

http-authentication: Authentication is any process by which you verify that someone is who they claim they are
http://httpd.apache.org/docs/howto/auth.html