New Check out Muut IO for developers
Muut Blog

Private Forums 101

Courtney Couch • 2016-02-04

Perhaps it’s a private club, maybe it’s for a project you need to keep under wraps — whatever the reason, you’ve decided you don’t want unknowns wandering into your community.

With all the ways to accomplish this — between Federated Identities, Private Member forums, and Signed Only Embedding — which works for you?

The turnkey easy route.

“Members Only Access” allows you, with the flick of a switch, to create a private forum. When users access your forum, whether it’s on muut.com or embedded on your site, they’ll be asked to join or login to access the page.

Users will login with their Muut accounts so you won’t need to worry about any identity management issues.

Once they login or register they’ll see an access request form. You could also ask users to enter extra information in the optional message box. It’s a great way to tag private club member IDs or track emails.

This method comes with the total security of your community without having to build or manage any complex systems. You could share the Muut URL and have a turnkey private community.

“Members Only” is available to subscribers of the Muut MEDIUM plan and like all our plans, it includes unlimited users, posts, uploads, views, etc.

The “I’m a programmer with my own users” route.

Your Joe Pesci gossip and fanfic website might be a hidden gem and the best kept secret on the internet, but you don’t want any old Joe Blow reading your latest content. So, you want to keep the community under wraps.

You can make something both seamless with your current user identities and private. You’ll need a bit of programming chops to accomplish this however. We try to make it easy, but we haven’t perfected the self coding AI-bot to write the integration for you.

The first step here is to implement a Federated Identities integration for your Muut community. Here is a walkthrough for implementing it in PHP and here are some more docs on the Fed-ID option.

Once you have federated identities setup you can go and enable the “Allow embedding with the secret key only” option. We call this “secure embedding.” Federated Identities use a special signed embed, and when you enable the secure embed option, it restricts access to your community, allowing it to be viewed on signed pages only. The forum will not appear on unsigned pages, including muut.com.

Now as long as the page on your Joe Pesci site where you have the forum is behind a paywall or something, the community is not only private, but it will use identities you control. Users will never have to register for Muut, nor login again to post on the forum.

If users visit your muut.com/forumname URL, they’ll see a blank screen. It’ll only be possible to access the forum on your site, with a login to your service.

This option is part of our MEDIUM plan. This plan, like all our plans, includes unlimited everything.

Well, I’m a programmer, but I don’t have a database.

All is not lost. You can still lock down access to your community. Take a look at the Fed-Id walkthrough, but in your authorization message don’t pass a “user” property. This is what’s called “secure embedding” and you can read more about it here.

Now turn on the “Allow embedding with the secret key only” option and your forum will be only accessible on the page you’ve embedded it on. If you make this page private, no one will be able to see your community unless you give them access to this page. You can even use this on an intranet closed to the public.

When using this strategy Muut will still manage identities for you. Users will login and register using our standard system and your community will remain completely private.

Just like the option above, you do need a MEDIUM plan in order to enable this option, and again, unlimited everything else when using our plans.

I want my own user database run by Muut.

We have a policy against sharing user’s private information. We’re super serious about privacy. We’re tired of using services where our information is wantonly spread to third parties. So we wanted Muut to be a place where users can be sure their privacy is protected.

If you use Federated Identities you already control your user database, and you already manage authentication. However, not everyone has a user database, and maybe you don’t want to set up yet another system to manage and support. But you still want the same access to user registration data provided by a Fed IDs setup.

Saving the day, in comes another fabulous turnkey option. LARGE plan subscribers can contact us to enable the private member database option. Once this is enabled, you can also enable Member Only and make it private too!

You’ll get to rely on our powerful and easy to use login and registration system. You’ll have one less thing to support and manage. And you’ll have a powerful and private community to drive your super secret fanfic community.

Interested? Contact us at [email protected] because LARGE plans all come with an account manager to be your advocate here at Muut.

Ok, what about lower level plans?

Haven’t upgraded yet, but you still want your community as private as possible? While true privacy is not possible on the lower level plans, you can often implement “good enough” privacy for many use cases.

Using the SMALL plan, for example, you can disable search indexing. Once disabled, we won’t make static content available to search engines. Embedded on your site, behind a password protected page, most users would not be able to access the community unless you give them access to the page. This strategy isn’t fool proof: if someone finds out your muut.com/community URL, they can share it — but for many communities it’s “good enough.”

On the MINI plan your only option is to not promote the muut.com URL and put the embed on a page you have protected. This will keep out most people that are casually accessing your community, and because the internet is such a huge place they probably won’t find your muut.com/community URL location otherwise.

Of course, none of the options in the “good enough” category are completely private, but it’ll make the community a little less public. It’s a lot like a bike lock: someone can always break the lock, but it’ll stop most passers by.

If you really want completely private communities, though, you will definitely need a MEDIUM or LARGE subscription.

Ok, let’s summarize!

  • Member Only communities — The quickest and simplest way to get a private community going. Users request access and you grant or reject them within Muut.
  • Secured Embedding + Fed-ID — Allows a seamless private integration into your site but you need a user database and some programming ability.
  • Secured Embedding — Drop the Fed-ID bit. Muut takes over identity management while still allowing your community to be restricted. You’ll still need some programming knowledge.
  • Private Member Database — You want it all, no compromise, and you don’t want to have to manage a complicated user database. The LARGE plan gives you this option. Total turnkey solution.
  • Pseudo-private forums — If you’re on either the (SMALL or MINI plans](https://muut.com/pricing/plans) you can make it harder to access a community for people not given access, but you can’t make it impossible.

Any questions about the options, we’re always happy to help you out! Give us a buzz at [email protected]

The complete discussion system for your site

Try all features 14 days without credit card. Ready to upgrade? Check our plans and pricing.