Hello there!

Need Help? We are right here!

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com

Your Contact E-mail

What are you looking for

How can we help you?

Site Protection

Watch how to configure this feature: ▶ Watch Setup Video

Protect the website against anonymous access

This feature provides protection against anonymous access or users. Users will be redirected to the OAuth provider or IdP login page to perform SSO.

To enable this feature, after successfully performing the Test Configuration, click the Settings tab.
Under the Module Settings tab, navigate to Site Protection section.
In the Site Protection check the Protect website against anonymous access check box.
Now, select your application from the Select a default Application for redirections dropdown.

This feature allows you to either restrict access to a page or exclude it from restrictions.

Now, select one option from the Pages to exclude from restriction and Pages to be restricted.
Enter the page URL in the Page URL field. To add multiple URLs, click the Add button and enter each URL on a new line.
- Enter the relative URLs. For example, if the site URL is https://www.xyz.com/yyy , the relative URL would be /yyy.
- To restrict or allow access to a specific route like /abc/pqr/xyz , enter that exact path.
- You can use the wildcard to match multiple paths. For example, /abc/ will apply to all routes under /abc.
Then, scroll down and click on the Save Configuration button.

Open a new browser or a new tab in incognito.
Hit the page that you have restricted or allowed.
You will be redirected to the provider login page and asked to perform SSO. After SSO, you can access that page.
If you have selected pages to ecxulde from restriction option, then you do not need to perform SSO.
Let's check this, navigate to the Page restriction section and select pages to ecxulde from restriction option and save configuration.
Now, access that page in a new tab.
You can access that page without SSO.

Using this feature users will be redirected to the configured OAuth Server login page while accessing the Drupal login page.
To enable this feature, after successfully performing the Test Configuration, click the Settings tab.
Under the Module Settings tab, navigate to Site Protection section.
In the Site Protection check the Replace Drupal login form with Identity Provider(OAuth Server) Login to enable this feature.

Enabling this option allows the user to access any page, even if the redirection settings to the OAuth server are enabled. This is checked by default.
Add the given Page Access Parameter in the page URL.
Then, scroll down and click on the Save Configure button.

Let’s check this.
Open a new browser window or tab in incognito.
Enter the page URL that you want to access, and after that URL, enter the parameter that is given in the module and then hit that URL, you can access that page.

If you have replaced Drupal’s login with an OAuth provider and it fails or you’re locked out from the provider, this feature redirects you to Drupal’s login page so you can sign in with your Drupal credentials. This is checked by default.
Let’s see how this works. In our configuration, we have replaced the Drupal login form with a provider login.
Save the configuration.
Now, in a new browser or in an incognito tab, open Drupal site and try to login.
It will redirect you to the Provider login form.
Now, add the backdoor login parameter in URL and hit the URL.
You will be redirected to the Drupal login form. Log in with your Drupal credentials.