starred/ArchiveBox
1
0
Fork 0
mirror of https://github.com/ArchiveBox/ArchiveBox.git synced 2026-04-25 17:16:00 +03:00
Code Issues 624 Projects Releases 5 Packages Wiki Activity

[GH-ISSUE #554] Less "open" public website #352

New issue
Closed
opened 2026-03-01 14:42:47 +03:00 by kerem · 5 comments
kerem commented 2026-03-01 14:42:47 +03:00
Owner
Copy link

Originally created by @shepner on GitHub (Nov 28, 2020).
Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/554

Type

  • General question or discussion
  • Propose a brand new feature
  • Request modification of existing behavior or design

What is the problem that your feature request solves

Occasionally I would like to share links to pages I have clipped. However, the public ArchiveBox site is rather "open" (very easy for anyone to look at everything stored in there) and Id rather if that was not the case. Im not asking for iron-clad security here but Id like to keep people (and bots) from snooping.

Describe the ideal specific solution you'd want, and whether it fits into any broader scope of changes

Ideally: Implement granular access controls to the website which are tied to user accounts which can exist in an external system (ie Okta, Authelia, LDAP, etc).
Minimally: Make it so the directory structure is not publicly visible, provide an option to disable public access to the archive root, and an option to entirely disable public archive access.

What hacks or alternative solutions have you tried to solve the problem?

Since I want to make ArchiveBox Internet accessible so I can archive sites from my mobile devices, the minimal solution above should provide a modicom of privacy and is better than expecting the user to somehow figure out how to do this via Nginx or the like.

How badly do you want this new feature?

  • It's an urgent deal-breaker, I can't live without it
  • It's important to add it in the near-mid term future
  • It would be nice to have eventually
  • I'm willing to contribute dev time / money to fix this issue
  • I like ArchiveBox so far / would recommend it to a friend
  • I've had a lot of difficulty getting ArchiveBox set up
Originally created by @shepner on GitHub (Nov 28, 2020). Original GitHub issue: https://github.com/ArchiveBox/ArchiveBox/issues/554 ## Type - [ ] General question or discussion - [ ] Propose a brand new feature - [x] Request modification of existing behavior or design ## What is the problem that your feature request solves Occasionally I would like to share links to pages I have clipped. However, the public ArchiveBox site is rather "open" (very easy for anyone to look at everything stored in there) and Id rather if that was not the case. Im not asking for iron-clad security here but Id like to keep people (and bots) from snooping. ## Describe the ideal specific solution you'd want, and whether it fits into any broader scope of changes Ideally: Implement granular access controls to the website which are tied to user accounts which can exist in an external system (ie Okta, Authelia, LDAP, etc). Minimally: Make it so the directory structure is not publicly visible, provide an option to disable public access to the archive root, and an option to entirely disable public archive access. ## What hacks or alternative solutions have you tried to solve the problem? Since I want to make ArchiveBox Internet accessible so I can archive sites from my mobile devices, the minimal solution above should provide a modicom of privacy and is better than expecting the user to somehow figure out how to do this via Nginx or the like. ## How badly do you want this new feature? - [ ] It's an urgent deal-breaker, I can't live without it - [x] It's important to add it in the near-mid term future - [ ] It would be nice to have eventually --- - [ ] I'm willing to contribute dev time / money to fix this issue - [x] I like ArchiveBox so far / would recommend it to a friend - [ ] I've had a lot of difficulty getting ArchiveBox set up
kerem commented 2026-03-01 14:42:48 +03:00
Author
Owner
Copy link

@pirate commented on GitHub (Nov 28, 2020):

Config options to manage which parts are public already exist:

image
github.com/ArchiveBox/ArchiveBox@e4d2ac432d/archivebox/config.py (L71)

archivebox config --set PUBLIC_SNAPSHOTS=True
archivebox config --set PUBLIC_INDEX=False
archivebox config --set PUBLIC_ADD_VIEW=False

You can also manage the Snapshot view/edit/add/delete permissions on a per-user basis under http://127.0.0.1:8000/admin/core/user/

<!-- gh-comment-id:735260582 --> @pirate commented on GitHub (Nov 28, 2020): Config options to manage which parts are public already exist: ![image](https://user-images.githubusercontent.com/511499/100522069-17323380-3176-11eb-9a06-7b3b7e3a42c0.png) https://github.com/ArchiveBox/ArchiveBox/blob/e4d2ac432db2627cec7cfa5fb02e8b83bb4269bb/archivebox/config.py#L71 ```bash archivebox config --set PUBLIC_SNAPSHOTS=True archivebox config --set PUBLIC_INDEX=False archivebox config --set PUBLIC_ADD_VIEW=False ``` You can also manage the Snapshot view/edit/add/delete permissions on a per-user basis under http://127.0.0.1:8000/admin/core/user/
kerem commented 2026-03-01 14:42:48 +03:00
Author
Owner
Copy link

@shepner commented on GitHub (Nov 29, 2020):

Ok, I think I figured out what those settings do. Are they documented somewhere? Similarly, is there some documentation for the various user account permissions? I havnt found them in the wiki.

<!-- gh-comment-id:735429572 --> @shepner commented on GitHub (Nov 29, 2020): Ok, I think I figured out what those settings do. Are they documented somewhere? Similarly, is there some documentation for the various user account permissions? I havnt found them in the wiki.
kerem commented 2026-03-01 14:42:48 +03:00
Author
Owner
Copy link

@pirate commented on GitHub (Nov 29, 2020):

They are not documented yet because it's sort of a "beta" feature. We're planning on improving the permissions system in the future and this is just the bare minimum first version we implemented. I may add them to the Wiki but I haven't decided yet if we want to advertise these config options because they might change soon.

<!-- gh-comment-id:735433176 --> @pirate commented on GitHub (Nov 29, 2020): They are not documented yet because it's sort of a "beta" feature. We're planning on improving the permissions system in the future and this is just the bare minimum first version we implemented. I may add them to the Wiki but I haven't decided yet if we want to advertise these config options because they might change soon.
kerem commented 2026-03-01 14:42:48 +03:00
Author
Owner
Copy link

@shepner commented on GitHub (Nov 29, 2020):

k. In that case, Ill try to keep an eye out for that. Thanks!

<!-- gh-comment-id:735467535 --> @shepner commented on GitHub (Nov 29, 2020): k. In that case, Ill try to keep an eye out for that. Thanks!
kerem commented 2026-03-01 14:42:48 +03:00
Author
Owner
Copy link

@cdvv7788 commented on GitHub (Dec 5, 2020):

@pirate we can close this one, right?

<!-- gh-comment-id:739320079 --> @cdvv7788 commented on GitHub (Dec 5, 2020): @pirate we can close this one, right?
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
dev
main
abx-dl-refactor
claude/issue-1688-20251229-2233
claude/s3-support-migration-JZQcf
claude/review-snapshot-archive-RJOkr
claude/review-code-quality-macdO
claude/reduce-chrome-duplication-JgWVr
fix/chrome-args-comma-parsing
claude/issue-668-20251229-2145
claude/issue-1664-20251229-2236
v086
claude/improve-test-suite-xm6Bh
claude/typescript-archivebox-rewrite-011CUmPyEmECnkXwyHRT9RPF
claude/archivebox-schema-orm-comparison-011CUn26GurEpLiBUq4zjVLJ
stable
logfire
plugins-browsertrix
v072
link-removal2
v0.8.6rc1
v0.7.3
v0.8.6rc0
v0.8.5rc53
v0.8.5rc51
v0.8.5rc50
v0.8.5rc49
v0.8.5rc48
v0.8.5rc47
v0.8.5rc46
v0.8.5rc45
v0.8.5rc44
v0.8.5rc43
v0.8.5rc42
v0.8.5rc41
v0.8.5rc40
v0.8.5rc39
v0.8.5rc38
v0.8.5rc37
v0.8.5rc36
v0.8.5rc35
v0.8.5rc34
v0.8.5rc33
v0.8.5rc32
v0.8.5rc31
v0.8.5rc30
v0.8.5rc29
v0.8.5rc28
v0.8.5rc27
v0.8.5rc26
v0.8.5rc25
v0.8.5rc24
v0.8.5rc23
v0.8.5rc22
v0.8.5rc13
v0.8.5rc12
v0.8.5rc11
v0.8.5rc10
v0.8.5rc9
v0.8.5rc8
v0.8.5rc6
v0.8.5rc5
v0.8.5rc4
v0.8.5rc3
v0.8.5rc2
v0.8.5-rc
v0.8.4-rc
v0.8.3-rc
v0.8.2-rc
v0.8.0-rc
v0.7.2
v0.7.1
v0.7.0
v0.6.2
v0.6.0
v0.5.6
v0.5.4
v0.5.3
v0.4.24
v0.4.21
v0.4.20
v0.4.19
v0.4.18
v0.4.17
v0.4.16
v0.4.15
v0.4.14
v0.4.13
v0.4.12
v0.4.11
v0.4.9
v0.2.4
v0.2.3
v0.2.2
v0.2.1
v0.2.0
v0.1.0
v0.0.3
v0.0.2
v0.0.1
Labels
Clear labels   
expected: maybe someday

   
expected: next release

   
expected: release after next

   
expected: unlikely unless contributed

   
good first ticket

   
help wanted

   
pull-request

Mirrored from GitHub Pull Request

  
scope: all users

   
scope: windows users

   
size: easy

   
size: hard

   
size: medium

   
size: medium

   
status: backlog

   
status: blocked

   
status: done

   
status: idea-phase

   
status: needs followup

   
status: wip

   
status: wontfix

   
touches: API/CLI/Spec

   
touches: configuration

   
touches: data/schema/architecture

   
touches: dependencies/packaging

   
touches: docs

   
touches: js

   
touches: views/replayers/html/css

   
why: correctness

   
why: functionality

   
why: performance

   
why: security
No labels
expected: maybe someday
expected: next release
expected: release after next
expected: unlikely unless contributed
good first ticket
help wanted
pull-request
scope: all users
scope: windows users
size: easy
size: hard
size: medium
size: medium
status: backlog
status: blocked
status: done
status: idea-phase
status: needs followup
status: wip
status: wontfix
touches: API/CLI/Spec
touches: configuration
touches: data/schema/architecture
touches: dependencies/packaging
touches: docs
touches: js
touches: views/replayers/html/css
why: correctness
why: functionality
why: performance
why: security
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/ArchiveBox#352
No description provided.