4.9 Encrypt Path

πŸ“˜ Overview

The Encrypt Path module allows you to restrict access to specific URL paths by requiring a username and password. It functions like lightweight HTTP authentication and provides edge-level protection β€” without touching backend code.

🎯 Purpose

  • Protect internal pages, admin panels, or test environments

  • Control access to staging or early-access content

  • Secure downloadable resources with a password

  • Prevent unauthorized users from accessing private directories

πŸ› οΈ How It Works

You define:

  • Username – Only users with this username can proceed

  • Password – Must be provided to gain access

  • Encrypted Path – The full or partial URL path to protect

  • Authorization Message (optional) – Custom message shown when access is denied

When someone accesses a protected URL:

  • A login prompt appears

  • If the credentials match, the request is allowed

  • If incorrect, the user sees your custom denial message and access is blocked

βš™οΈ How to Configure Encryption

  1. Go to Security Rules > Encrypt Path

  2. Click:

    • πŸ”΅ Username to set or change the login username

    • 🟠 Password to set or change the login password

    • 🟒 Set a Message to define a custom message for failed logins (e.g., "Bu alana erişim yetkiniz yok")

    • 🟧 Specify the page to be encrypted and enter the full URL you want to protect (e.g., https://shieldsguard.com/admin)

  3. Click Encrypt to activate protection

πŸ“‹ Example Use Case

  • Protect /admin-panel with username: sg and a strong password

  • Show a denial message like: β€œYou do not have access to this area”

  • Ensure only internal users with credentials can reach the path

πŸ” Why This Matters

Encrypt Path allows secure, no-code restriction of sensitive areas:

  • Without installing plugins

  • Without modifying server configs

  • Without writing auth logic

It's ideal for developers and admins who want to quickly lock down access to certain pages.

⚠️ Best Practices & Notes

  • Use strong, non-production credentials (base64 encoded, not encrypted)

  • Always access encrypted paths over HTTPS

  • Combine with Rate Limiting to stop brute-force attempts

  • Do not use this for dynamic login pages β€” leave those to your backend authentication

🎯 Encrypt Path gives you instant, secure access control β€” with zero backend integration.

Previous4.8 URL Path BlockingNext4.10 Remove Request Value

Last updated