11 May 2013

How to open node/add access?

Tags: Security, Tips and Tricks

QHow to open access to node/add for not logged in visitors if our workflow requires this, while now they are simply redirected to the homepage?

AThis has been restricted by design to protect your sites from brute-force DoS attempts, because this URL is never cached and always hits Drupal directly. There is an easy to use switch to disable it per site or per platform, so anonymous visitors will be able to create nodes again – just set allow_anon_node_add = TRUE in the site or platform level INI file

!Please understand that by removing this default protection, you are making all sites hosted on your instance vulnerable to potential DoS attacks, which are very common these days, with networks of spambots targeting Drupal sites with attempts to add spam as nodes, comments and registering new accounts. We reserve the right to restore default protection if our monitoring will detect that removed restrictions allowed to successfully attack your site and cause system instability.

Create Account or request a free Test Drive
Already 900+ hosts powering thousands of Drupal sites are running on our high-performance Aegir BOA stack
© 2009-2023 Omega8.cc | ul. Zlota 59, 14th floor Skylight Building, 00-120 Warsaw, Poland | Twitter
Smokin’ Fast Drupal Hosting in Amsterdam · Chicago · Frankfurt · London
Madrid · New York · San Jose · Singapore · Sydney · Toronto · Warsaw