A beginner's questions
Permalink
Hello to everyone.
I want to start with the fact that I'm very new to C5 CMS (one week today, good learning curve though) and a beginner in web design and all the stuff related to that. So be warned, it's possible to ask stupid questions :)
Long story short, I want to make a site in C5 for the firm I'm working for, and the site will be hosted using a web hosting service form a third party.
For now, I used XAMPP to play with C5 but over a month or so the website will be moved to that third party hosting server.
I'm not very sure about the permissions I must set on my folders. For example - what permissions are necessary for the concrete folder? What about the update or application folders?
I read the documentation section on concrete5.org but I'm not sure it is complete, for a beginner I mean. Could someone direct me on the right path, please?
Also, I saw (using XAMPP) that if I copy a file addres from any web page source (via View Source in browser) and go to that link I can access the file and browse the folder and its parent. Is there any way I can prevent that from happening?
And the last question, for now :) , is about paid themes and add-ons licensing. I understand that if I purchase 1 license for a theme I can link that license to only 1 project in my account, having 5 days to unlink it. As I said, for now I'm using XAMPP on my Windows machine to develop the site. If I link that license to my project (appearing as localhost:8080/my_website in my account), over 1 month or so how can I link that theme to the hosted website (which will appear in my account ashttp://www.mydomain.abc or something) without purchasing another license for that theme? Is this allowed and doable? I don't really understand the mechanism behind...
Sorry for the lameness in my questions, if any :)
Thanks.
I want to start with the fact that I'm very new to C5 CMS (one week today, good learning curve though) and a beginner in web design and all the stuff related to that. So be warned, it's possible to ask stupid questions :)
Long story short, I want to make a site in C5 for the firm I'm working for, and the site will be hosted using a web hosting service form a third party.
For now, I used XAMPP to play with C5 but over a month or so the website will be moved to that third party hosting server.
I'm not very sure about the permissions I must set on my folders. For example - what permissions are necessary for the concrete folder? What about the update or application folders?
I read the documentation section on concrete5.org but I'm not sure it is complete, for a beginner I mean. Could someone direct me on the right path, please?
Also, I saw (using XAMPP) that if I copy a file addres from any web page source (via View Source in browser) and go to that link I can access the file and browse the folder and its parent. Is there any way I can prevent that from happening?
And the last question, for now :) , is about paid themes and add-ons licensing. I understand that if I purchase 1 license for a theme I can link that license to only 1 project in my account, having 5 days to unlink it. As I said, for now I'm using XAMPP on my Windows machine to develop the site. If I link that license to my project (appearing as localhost:8080/my_website in my account), over 1 month or so how can I link that theme to the hosted website (which will appear in my account ashttp://www.mydomain.abc or something) without purchasing another license for that theme? Is this allowed and doable? I don't really understand the mechanism behind...
Sorry for the lameness in my questions, if any :)
Thanks.
Thanks for the quick and helpful answer.
I already read the install guide but I wish it was more detailed (e.g. This folder must have these permissions because otherwise that. These permissions exactly must be set on these folders exactly for security reasons but on these folders you can set whatever. Never set this somewhere). I know it's a lot to wish for given the fact C5 is open source and no one is paid to write excessively complete instructions. But again, maybe is just the beginner in me talking :)
I'm curious - how come C5 is not used more widely? Personally, I find it more easier and faster to learn than the vast majority of others PHP based CMSs. All businesses' websites I recently checked with Builtwith are made in Drupal7/8, Joomla or WP.
Enough for now :) And thanks again
I already read the install guide but I wish it was more detailed (e.g. This folder must have these permissions because otherwise that. These permissions exactly must be set on these folders exactly for security reasons but on these folders you can set whatever. Never set this somewhere). I know it's a lot to wish for given the fact C5 is open source and no one is paid to write excessively complete instructions. But again, maybe is just the beginner in me talking :)
I'm curious - how come C5 is not used more widely? Personally, I find it more easier and faster to learn than the vast majority of others PHP based CMSs. All businesses' websites I recently checked with Builtwith are made in Drupal7/8, Joomla or WP.
Enough for now :) And thanks again
I think one reason concrete5 isn't used more is that most website devs want a recurring income. With concrete5 there is very little that the end user can't learn to do easily and rapidly.
Hello again.
Today I'm playing with workflows.
My goal: I want a group (Newsmen) to be able to add two kinds of blocks (Content and File) only on a specific page (News) and the Admin to be notified about every change (even one word) with approve or deny options.
What I did:
1. I created Newsmen group with 1 user in it called Newsman1.
2. I granted Newsmen group the permission Add Block (custom: Content, File).
3. I created a new workflow (testWorkflow) with following settings (Approve or Deny: admin; Notify on Entry: admin; Notify on Approve: Administrators Newsman1; Notify on Deny: Administrators Newsmen).
4. I granted Newsmen group Edit Content permission on page News.
5. I added the workflow testWorkflow to Approve Changes permission on page News.
If I login with user Newsman1 I can add content/file block on page News (working as expected) and save changes. However, the admin user doesn't receive any notifications about the pending changes of page News and the Waiting for Me section is empty.
What am I doing wrong?
By the way, I see that the admin user (specified when C5 was installed) is not an explicit member of Administrators group by default. Is there any reason?
Thanks.
Today I'm playing with workflows.
My goal: I want a group (Newsmen) to be able to add two kinds of blocks (Content and File) only on a specific page (News) and the Admin to be notified about every change (even one word) with approve or deny options.
What I did:
1. I created Newsmen group with 1 user in it called Newsman1.
2. I granted Newsmen group the permission Add Block (custom: Content, File).
3. I created a new workflow (testWorkflow) with following settings (Approve or Deny: admin; Notify on Entry: admin; Notify on Approve: Administrators Newsman1; Notify on Deny: Administrators Newsmen).
4. I granted Newsmen group Edit Content permission on page News.
5. I added the workflow testWorkflow to Approve Changes permission on page News.
If I login with user Newsman1 I can add content/file block on page News (working as expected) and save changes. However, the admin user doesn't receive any notifications about the pending changes of page News and the Waiting for Me section is empty.
What am I doing wrong?
By the way, I see that the admin user (specified when C5 was installed) is not an explicit member of Administrators group by default. Is there any reason?
Thanks.
Concerning the "admin" user, created upon install, it's a so-called "super admin". So it should have all permissions. It's being treated as different and it should be in the hands of the "main" site observer/manager. Best not to let others use that very same account, as it will have most access. It's email address will also be used (as from/reply to) if none is set for some of the forms. See more about configuring those emails over here:
https://documentation.concrete5.org/developers/sending-mail/configur...
https://documentation.concrete5.org/developers/sending-mail/configur...
Thanks for answering.
A lot of info on that page :)
Anyway, isn't the Waiting for Me page content handled internally by C5 core regardless of email sender addresses being configured or not?
LE: I configured the default and workflow_notification email sender addresses. After that I sent a PM from admin to Newsman1 and a notification was received on Newsman1 email address from the default email so things are working. Still no Waiting for Me page content...
LE1: I sorted out. Granting Newsmen group Approve Changes permission made the Submit to workflow option to appear after page is modified. Email notification for workflow is working too... So the workflow overrides the actual page permissions... Lesson learned :)
A lot of info on that page :)
Anyway, isn't the Waiting for Me page content handled internally by C5 core regardless of email sender addresses being configured or not?
LE: I configured the default and workflow_notification email sender addresses. After that I sent a PM from admin to Newsman1 and a notification was received on Newsman1 email address from the default email so things are working. Still no Waiting for Me page content...
LE1: I sorted out. Granting Newsmen group Approve Changes permission made the Submit to workflow option to appear after page is modified. Email notification for workflow is working too... So the workflow overrides the actual page permissions... Lesson learned :)
Hello again.
I want to start by saying sorry to all of you for asking "strange" questions :)
Very soon I will go live using a shared web hosting service. C5 will be installed using a Softaculous script.
I worry about some aspects of "shared webhosting".
Let's say my user on hosting server is A and the web daemon is running on user B (group BB)
What permissions are needed for:
1. concrete/
2. application/
3. packages/
4. update/
Will the Softaculous script take care of perms based on the environment or is it "dumb" (it just download and put some files somewhere)?
Does anyone have some practical experience with setting up C5 in a shared webhosting environment?
Thank you!
I want to start by saying sorry to all of you for asking "strange" questions :)
Very soon I will go live using a shared web hosting service. C5 will be installed using a Softaculous script.
I worry about some aspects of "shared webhosting".
Let's say my user on hosting server is A and the web daemon is running on user B (group BB)
What permissions are needed for:
1. concrete/
2. application/
3. packages/
4. update/
Will the Softaculous script take care of perms based on the environment or is it "dumb" (it just download and put some files somewhere)?
Does anyone have some practical experience with setting up C5 in a shared webhosting environment?
Thank you!
@cristi78 Yes, I've installed via Softaculous on shared hosting many times, including multi-user c5 sites. It's fine.
Hi.
I wonder what is the best way to make the site accessible only by HTTPS right from the start (after C5 installation).
1. Install C5 and SSL certificate. Make sure site with demo content is accessible via HTTPS.
2. Turn all caches off and set on ALL the options in Dashboard - URLs and Redirection.
3. If necessary, modify /application/config/concrete.php and make all Canonical URLs to point to "https;//mysite.com".
4. Install theme and add-ons, start developing the site.
Are the above steps making sense? Any recommendations?
Thanks.
I wonder what is the best way to make the site accessible only by HTTPS right from the start (after C5 installation).
1. Install C5 and SSL certificate. Make sure site with demo content is accessible via HTTPS.
2. Turn all caches off and set on ALL the options in Dashboard - URLs and Redirection.
3. If necessary, modify /application/config/concrete.php and make all Canonical URLs to point to "https;//mysite.com".
4. Install theme and add-ons, start developing the site.
Are the above steps making sense? Any recommendations?
Thanks.
I am in the process of switching all my pages to forced https, and I did nothing in c5.
All I did was set up a 301 redirection to https in my hosting panel.
My host uses plesk, and in there it is really easy to do this.
My guess is, if your host has cPanel there will be a similar option to mak it easy for you.
All I did was set up a 301 redirection to https in my hosting panel.
My host uses plesk, and in there it is really easy to do this.
My guess is, if your host has cPanel there will be a similar option to mak it easy for you.
Concerning permissions on folder when installing here's the link you need:https://documentation.concrete5.org/developers/installation/installa...
Concerning the fact that you can browse your folders, that's because you're on XAMPP in a local environment without the proper folder permissions. Once on the live server with the proper folder permissions that won't be a problem.
As for licenses, when you buy a plugin you can attach it to a project right away or later but at any time you can also download the file and install it manually.
The benefit of attaching the license to a project is that you can download and install your plugins automatically from your site's dashboard and you will get informed when updates are available and can update from the dashboard.
When installing the plugin manually you don't get all that.
So typically you would download the plugin and install it manually on the test site and once your site is ready and live you would add it to a project and connect your site to the community to benefit from all the automated goodies.
To install a package manually, download it, put it in the "packages" folder and unzip it. You will end up with a folder with the same name as the zip file and inside it all the plugin files.
Be careful that in Windows sometimes it creates an extra folder. Make sure you have one folder labeled same as the zip file and inside it all the files and folders. And especially right inside it you should have a file called controller.php
And don't worry your questions are not lame. Feel free to reach out again if there's anything else.