The solution is poorly documented on the internet, but fairly simple once you do it. In the root of the store, there is a master configuration file known as 'web.config'. This file drives all of the ASP.Net settings necessary for a smooth running AbleCommerce store. It also just so happens to handle the primary authentication security settings for the entire Able store. So this is where we make a simple change and the whole store now requires authentication before a page can be viewed.
First, make a backup copy of the web.config file in the root of the store. If something goes wrong, the whole store will go down so you need a quick way to get things back online while you troubleshoot.
Once you have your backup copy made, edit the web.config file. Locate this line:
Code: Select all
<system.web>
Code: Select all
<location path="App_Themes">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<location path="Scripts">
<system.web>
<authorization>
<allow users="*"/>
</authorization>
</system.web>
</location>
<system.web>
<authorization>
<deny users="?"/>
</authorization>
Pro Tip #681: Never lose the password to your blog where you keep all your tips. Or you might be forced to post important pro tips in a forum