I see that published posts on the websites for example; a blog post. It is accessible to public users i.e. if a user is not logged in, they will have access to the page if they have the link.
This is a problem for bots and unrestricted users.
Does anyone know how we can prevent the public i.e. someone without a user ID from accessing contents on the website?
If you know how templates work, you can use python.
Create a python code for that view, check if user is guest or not with frappe.session.user . If it is guest is will return Guest , otherwise it will return the logged in user.
Hm maybe guest is included in “all”?
Otherwise, if youre not on the hosted version, you can set developer_mode to 1, go to edit doctype and set explicit the website permission. There it is per default as guest.
Hmmm… I just recently came across this issue with Web Pages and thought I might have missed something. I really find it hard to believe that this basic and fundamental feature is actually missing!