Giter Club home page Giter Club logo

pantheon-secure-login's Introduction

Pantheon Secure Login

If you are a Free or Personal customer, and you want to use SSL without having to pay the extra cost associated with a Pro plan and a dedicated IP address, this module may help. It will allow you to secure your Drupal admin login behind Pantheon's free provided SSL cert for the "gotpantheon" domain name, while using your public-facing domain for all other requests.

This is only useful if you are running your site on the Pantheon platform:

https://www.getpantheon.com

The ideal user is someone running a Personal tier site (e.g. a blog or small project site) who is concerned with the security of their logins and user sessions, but is comfortable with their publicly available content being sent in the clear. If you don't mind doing your own logins on a domain like live-yoursite.gotpantheon.com then you can keep sessions secure for free.

NOTE: Proof of Concept

This is a free example showing how you can use some features of Pantheon environment configuration within your site to good effect. However, it is provided without warranty or support. Use at your own risk, etc, etc, etc.

Use Free SSL for Logins

This module enforces SSL for authenticated users (and the default login pathways) on the Pantheon platform using the provided "gotpantheon.com" domain and certificate. If you are on a Personal plan and would like to secure your content author or admin login, you can use this module to do so without having to pay for an upgrade plan or an SSL certificate.

Please note that you will need to be careful if you are redirecting incoming requests using this documentation:

http://helpdesk.getpantheon.com/customer/portal/articles/368354-redirect-incoming-requests

For users who are looking to standardize on a domain for SEO purposes, there is a simple UI to support both use-cases in this module. You should remove logic from settings.php if you use this module.

Installation

Install as a normal module, and then visit admin/configuration/pantheon-secure-login to configure. It should be self-explanatory from there.

TODO

This is currently a proof of concept/work in progress. There are a number of things to improve:

  • Construct definitive "gotpantheon" domains for redirects.
  • Do some more extensive validation on the "live domain name" value.

pantheon-secure-login's People

Watchers

avatar avatar avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.