Managing Server Access with Contribute
In order to control workflow, Contribute installs a file in a specific folder at the root of any Web site you connect to. This file, called the Shared Settings File, enables Contribute to store all the settings you choose when you administer the Web site. Whenever you make a change to one of the user groups or any of the other site settings the change gets stored in this centrally located file.
The Shared Settings File enables you to create various groups within a site and to modify the access levels for each of these groups individually without having to send new connection files to the users each time you make a change. For example, you define a group called Editors and give the users the right to add images to pages. Later, you decide that maybe it wasn’t a good idea to let them add images. You create another group called Designers, let them add images, and prohibit the Editors group from adding images. Without sending the Editors new connection files, you disabled their access to images, saved yourself some time, and gave the designers something to do.
The Shared Settings File
The Shared Settings File is nothing more than a plain text XML file that holds the settings for the Contribute site connection. After you complete setup, Contribute automatically creates a directory named _mm and places the Share Settings File (an XML text file) within it.
Tempting as it may be for some, do not modify the Shared Settings File manually. Contribute expects the settings file to have a specific format. It is possible to make a change to the file that Contribute does not understand and lose all the settings as a result. Change settings and permissions from within Contribute to avoid headaches.
Using rollback files to back up pages
One of the many features available with Contribute is that of keeping various versions — or backup copies — automatically when editing and publishing Web pages. This feature is especially useful when someone makes a mistake while editing a page and you want to go back and use a previous version. Contribute automatically saves key information within another directory, labeled _baks, created at the root of the Web site.
For the rollback feature to function properly, the _baks directory and any files it contains should not be deleted.
Keeping Your Settings Secure
Because Contribute stores many of the most important files, the setting and record-keeping files, in directories whose names begin with an underscore (for example _mm), making sure that people browsing the Web site can’t access these directories by mistake or, even worse, on purpose is very important.
If your Web site is being served by a computer running Microsoft’s Internet Information Server (IIS),these folders probably are already secure because IIS is automatically configured to prevent access to folders named in this manner. Many other commercial Web servers are also set up to act this way. Unfortunately, Apache’s Web server (one of the world’s more popular Web servers) is not among them. If you’re using an Apache Web server, you need to set it up yourself to disallow access to any files you want to protect. Because configuring Apache settings is not a part of Contribute’s features, consult your Apache Administrator’s guide or visit The Apache Server Project for more information.