Important Notice: Please be aware that this FAQ entry covers a technically advanced topic that requires knowledge of server administration. If you are not familiar with these concepts, consider seeking the assistance of a system administrator or IT specialist to ensure the setup is carried out correctly and securely.


This FAQ entry will guide you on how to set up a proxy server to restrict access to your Pageflow stories so they are only accessible within your company's intranet. By using a proxy server and Pageflow's password protection feature, you can maintain security and ensure that only authorized users within your organization can access the content.


Step 1: Enable password protection for your Pageflow stories

Before setting up the proxy server, publish your Pageflow stories using Pageflow's password protection feature. Assign the same password for all entries. You can find more details in the "How can I protect stories with a password?" guide.


Step 2: Choose a proxy server

Select a suitable proxy server software for your needs. Popular options include Nginx, Apache HTTP Server, and HAProxy. You'll need to install and configure the proxy server on a system within your company's network.


Step 3: Obtain the basic auth credentials

To configure the proxy server, you'll need the Base64 encoded credentials that you entered in Pageflow. These credentials are in the format username:password where username is the name of your Pageflow account and password is the password you entered while publishing your entries. You can encode the credentials using a Base64 encoder or a command-line tool like the following:

echo -n 'username:password' | base64

 

Step 4: Configure the proxy server

Update your proxy server configuration to include the following settings (the example below is for Nginx, adapt it to your chosen proxy server software):

location /pageflow-stories/ {
    proxy_pass https://<your_pageflow_account_name>.pageflow.io/;
    proxy_set_header Authorization "Basic <your_base64_encoded_credentials>";
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
}

Replace <your_pageflow_account_name> with the name of your Pageflow account and <your_base64_encoded_credentials> with the encoded credentials obtained in Step 3.


Step 5: Test the configuration

Restart the proxy server to apply the changes, and then access one of your Pageflow stories through the proxy server URL (e.g., https://your-company-intranet.com/pageflow-stories/my-story). You should now be able to access the story without entering a password, but only from within your company's intranet.