Create Protected Page Tags

Posted by FuzzicalLogic on 01 Mar 2009 16:43, last edited by James Kanjo on 09 May 2010 05:38

Tags: listpages navigation security tags

rating: +1+x


Page Tags are one of the most efficient ways to make your content accessible and searchable to your audience. When applied appropriately, they are also an extremely effective navigational supplement to your wiki. Sometimes, however, you may find that you need to limit viewership of certain tags. This can be particularly true if your site navigation is heavily tag dependent.

The need for this arose from my use of "hidden tags" to manage content generation. The documentation on "hidden tags" was limited and a little ambiguous. I was immediately enthralled with the fact that they are by default removed when using TagCloud module. A major caveat, however, is that they are not removed from the PagesByTag module, and they still display on the bottom of the page. For my wiki, this was a concern and so this workaround was born.


Protected tags are a great way to protect your site navigation from interference. They allow strong management of your tags so that other users cannot disrupt your organizational system. The fact of the matter is that spam-bots, uneducated users, and unethical users can screw up a system very quickly and with little effort. While these methods do not stop them completely, it does require them to work a little harder to do so. Additionally, creating a managed system for your tags may yield many other benefits depending on your content, structure and user base. All of the clear advantages are listed below.

Despite the advantages and control the methods described here allow, there are some limitations and inherent flaws to the process. Most limitations are in regard to workload. But a key point to remember is that security (no matter how small) always requires a great deal of ground work. The principle disadvantage of this method is that while it provides more management, it is not a substitute for true security measures which limit access. It, however, is better than none. Before you implement this, think about how important it is to your site. To help you make a proper informed decision, I have also listed the disadvantages and workarounds (if any).


  • Is more versatile than "Hidden Tags" - You can protect any tag. Depending on what the tag is, also determines the level of protection. This is explained below.
  • Does not impact "public" tags - All of the tags you do not define as protected are public and viewable. You could create an inherently closed tagging system, but that undermines (in the long run) the purpose of tags to begin with.
  • Supports Open and Closed systems - To create a closed system, make your interface display only tags that do have a certain tag. For an open system, make your interface display all tags that don't have that tag.
  • Is easily extensible - Once implemented it opens up the way for other applications. One such application that I have already implemented is an modified list-all-pages.
  • Can be used to limit any pages visibility - There may be times when you want a page to be accessible through specific channels, but don't want it to appear in your modules and views. By applying the same tag to your pages directly, this become possible.
  • With other techniques, allows strong dynamically linked pages - For instance, linking titles to Tag Trees allows you to generate dynamic generic page lists. This can be extremely powerful when using Multiple Word Tags, though there are some concerns with this.
  • Allows a direct management system to be implemented into your tag structure - If a user creates a new tag, you choose whether or not it enhances the sites navigation or whether it is simply transparent.
  • Is easily removable from your interface - In simple terms, starting down this road is not a commitment to use it. To stop utilizing the interface, simply adjust your CSS and remove your substitute page-tags.
  • Are accessible to users aware of them - That is, admins and moderators could list all the pages which use hidden tags with little or no modification to your current system.
  • Is queryable - This is the foundation to creating stronger, more capable lists of your tags than the cloud itself. So you could, in fact, create a ListPages interface to list all of your tags.
  • Makes Tags Documentable - As stated before, the pages that hold the tag may or may not have any content. If you use that content to describe the tag and how it should be used, some great dynamic help regarding which tags to use when becomes immediately available to your users.


  • Requires hands-on management for any tags to be effective - Your users tags will not work when they immediately put them in, unless they are already in the system. This is something that your users will not expect and can be harmful without the proper disclosure. If you are up to the management and your users accept your content, than this could help to maintain the quality of your site.
  • Requires content anticipation - If your site is very structured and static, than this can be useful. However, if you have multiple types of content from many uncontrolled users, Protected Tags may be more trouble than they are worth.
  • Requires minor modification to system pages. - In short, ListPages is a stronger tool than the other modules but each has their limitations. This may be utilized as a strength, but takes some considerable work on your infrastructure.
  • Requires many more pages - There must be a page for every tag. Though these pages may be empty, this can still be quite cumbersome if your site is expected to have a lot of tags.
  • As mentioned previously, this is not a substitute for true security methods. - This merely hides information from the interface, and does not remove all tags from the source code. Hiding something from a user is not the same as never giving it to them.
  • Does not protect tags when adding or removing tags - working on this
  • Subverts the PagesByTag module - This requires replacement interfaces wherever you have used this module. Depending on your need, such replacement may be a change to the category. In other cases, it will require a TagCloud or ListPages instead.

Avoiding Pitfalls

  • Document your Tags - Doing so will let your user know which tags have a functional purpose, or which ones have added weight. If you add the documentation to your tag-page content, itself, then you can save yourself a lot of trouble from the beginning. Additionally, by creating a help page that "includes" the tags and their documentation via a ListPages module, then you can have a single page that lists the purpose of all of your tags.
  • Know your Users - If you know which tags are likely to be used, then create them ahead of time.
  • Perform Regular Maintenance - Pay attention to new tags. If a new tag has become popular, add it to your tag-pages.
  • Educate your Users - Direct Users to the help for tags or your guidelines for page edits. Letting them know in advance is a great way to avoid misconceptions.
  • Use your Hierarchy - Completely invisible tags need a partially visible parent. Otherwise, they will become inaccessible should they ever be forgotten, changed, etc.

How to Protect your Tags

Creating Protected Tags

  1. Decide on a category to place your tag pages. For the following examples, we will use "tags". This may be either a new category or one that is relatively unused, such as admin or system. The category must be one that is visible through ListPages. I recommend using a separate category for several reasons:
    • It allows you to set up a template if necessary for documentation
    • It allows you to query only tag-pages, if necessary.
  2. Decide on a hidden tag that you will use to tag your tag-pages. This can be anything you would like, as long as your admins and moderators can easily remember what it is. For examples in this How-To, we will use "_protected"
  3. Create a page for your protected tag in the chosen category. For our example, you would create a page named "tags:_protected". You don't have to enter any content for the pages, just create and then save. Next, tag the page with the protected tag. This is so that users cannot accidentally find your hidden tag.
  4. Create a page for any and all tags that you want to enhance your navigation. All of the pages must be in the chosen category. Tag this tag-page with the name of the tag. If the tag is protected, also tag it as "_protected". Depending on your tag and its protection status will determine the level of protection.
    • Visible to All - Make an unhidden tag and do not tag it as "_protected"
    • Visible to Clouds/Invisible to Tagged Pages - Unhidden tag that is tagged as "_protected"
    • Invisible to Clouds/Visible to Tagged Pages - Hidden tag that is not tagged as "_protected"
    • Invisible to All - Hidden Tag that is tagged as "_protected"1
  5. Repeat until complete.

Creating a new Page Tags interface

Add the following code to any templates that you wish to restrict the functionality to. Note the [[div class="public-tags"]] before the ListPages. This is important, because the prependLine argument does not allow you to input classes.

[[div class="public-tags"]]
[[module ListPages category="tags" tags="%%tags%% -_protected" separate="false"]]
* [/system:page-tags/tag/%%title%% %%page_name%%]

Hiding the old Page Tags interface

Add the following line to the CSS for your theme:

.page-tags { display:none; }

Additional Information

Pertinent DOM structure (for CSS and JS)

  • #main-content
    • #page-content
      • .public-tags
        • .list-pages-box
          • ul
            • li
              • a


FuzzicalLogicFuzzicalLogic. Please visit his/her userPage.

Related articles


Add a New Comment
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-Share Alike 2.5 License.