Access from the Admin Console

Location: Site > General > Settings

Overview

The Settings menu opens up to the General Site Settings page. This page allows you to fill in information for several different settings for your site, including the following:

  • Name of your site.

  • Title of your site.

  • Description of your site.

  • Meta Description for search engine optimizations.

  • Google Analytics Account if you would like to utilize Google Analytics.

  • Locale of your site.

  • Default Editor Markup that users will see by default when creating content.

    • Allow user selection box – when checked, adds the option to select from among the available editors on user preferences, site preferences tab.
    • Display line numbers on code blocks – when checked, code blocks will include automatic line numbering in increments of one.
    • Enable Autosave Feature – When enabled, a draft per content type (question, answer, article, idea, comment) will be autosaved if the user navigates away from the page before publishing. When users next start to create the content type, a dialog box to load the saved draft will be presented.
    • Store and Display HTML tags as plain text in Markdown Editor – when the Markdown editor is used, and this option is enabled, all HTML entered into the editor will be stored and presented as plain text.
  • Logo for your site.

  • Logo Alt Text that appears upon hovering over the Logo.

  • Favicon to uniquely identify your site within browsers.

  • Redirect to route traffic to your domain whether or not www is used

  • Protocol Request Header to support configuration of HTTP headers
    This option allows Answerhub to to correctly handle different Content Delivery Networks (CDNs) when they are placed in front of AnswerHub. It always AnswerHub to know if the user is using HTTPS when connecting to AnswerHub. Each CDN can be configured differently, and in some circumstances the configuration could cause issues with how AnswerHub securely redirects insecure connections
    By default, without a CDN, a Devada hosted instance of AnswerHub will not need this option changed as it will be configured for the systems and services in place to serve content.
    A Devada hosted instance that would require this option to be changed would be the introduction of CloudFront or CloudFlare where those CDN services are configured to then retrieve content from AnswerHub on HTTP instead of HTTPS. In this situation, AnswerHub would interpret the connection coming from a HTTP user.

  • Use HSTS - Enable to support HTTP Strict Transport Security

  • Content Security Policy Header Value - Allows configuration of response headers

Content Security Policy (CSP) is an added layer of security that helps to detect and mitigate certain types of attacks, including Cross Site Scripting (XSS) and data injection attacks. These attacks are used for everything from data theft to site defacement to distribution of malware.
To enable CSP, AnswerHub needs to send HTTP headers to the client. This policy allows or denies clients access to resources such as javascript, images, media, fonts, and several other types of resources. Without this option set, the client browser is not informed about which resources it will control access to. A simple CSP would allow Answerhub to execute inline javascript, to use Google Analytics/Tags Manager, and load images from the site and/or the company organization

More CSP information is available at Imperva

https://www.imperva.com/learn/application-security/content-security-policy-csp-header/

Site Privacy

🚧

Site Privacy Settings:

The status of your AnswerHub site privacy settings is set to either public or private during your original install (the button highlighted as green is the current setting).

If you select the PUBLIC button, your site will be visible to anyone, with no login required. If the users want to participate within the community, they will still need to log in.
A successful change to the public setting will display as a yellow bar at the top of the General Site Settings Page with the following message: "You have made this site public. Anyone can register and view the content."

If you select the PRIVATE button, your site will require a user to log in to access the site's content and to participate within the community.
A successful change to the private setting will display as a green bar at the top of the General Site Settings Page with the following message: "You have made this site private. You must create new users manually."

REST API

🚧

REST API Settings:

You can set the status of your REST API setting to either ENABLED or DISABLED (the button highlighted as green is the current setting).

If you set the REST API Status to Enabled, you allow your site to use the REST web services.
You must also grant the Use API Permission for the API requests to return results.
A successful change to the enabled status results in a green bar at the top of the General Site

Settings Page with the following message: "You have enabled the REST API. The USE API role is required to have access to the API."
If you set the REST API status to Disabled, you are not allowing your site to use the REST web services.
A successful change to the disabled status results in a yellow bar at the top of the General Site Settings Page with the following message: "You have disabled the REST API."