Search Not Working After Enabling "Restrict Public Access" in Umbraco 13.7.2

anju-sudo · April 25, 2025, 6:45am

Topic: Search Not Working After Enabling “Restrict Public Access” in Umbraco

Issue:
I’ve encountered a problem where the search functionality stops working after enabling Restrict Public Access on my staging environment.

What I did:

I created a login partial view using the “New Partial View Snippet” option in Umbraco.
From the available snippets, I selected Login, and then included this partial in my Login.cshtml template.
I right-clicked on the Home node in the content tree and selected “Restrict Public Access”.
I chose the option for “Specific Members”, and for the login page, I selected the one I created.
After this, the member login protection worked as expected.

The Problem:

Once I enabled public access restriction, my search stopped working.
I checked the External Index in the Umbraco backend — it’s not returning any results.
However, my custom search logic still works, which suggests it’s not a front-end issue.
As soon as I remove the public access restriction, search works again.

Has anyone experienced this before? Is there a known workaround or fix to allow search while using public access restrictions?

Thanks in advance!

okadriu · April 25, 2025, 8:21am

Hey Anju,

Yes — I ran into the exact same issue a while back, and I totally understand how confusing it can be when search suddenly stops working after enabling Restrict Public Access. I searched everywhere for a ready-made solution, but didn’t find much at the time, so I ended up implementing a workaround myself.

In short, the problem is that when you restrict public access, Umbraco’s indexer (especially when using something like the FullTextSearch package) no longer has permission to render and index the protected pages — which causes your search results to go empty.

My solution was to programmatically log in a special “search user” during the indexing process. I created a secure API endpoint that allows the indexer (via an HttpClient) to log in this user, retrieve the authentication cookie, and use it when rendering pages to be indexed. This ensures the indexer gets access to the full content — even behind login.

Some key points of the approach:

I defined login credentials and a role for this search user in config.
During indexing, a request is made to an internal API to authenticate the user.
The auth cookie from this login is attached to the indexing HTTP request.
The pages are rendered as if viewed by an authenticated member with proper group access.
This gives the indexer everything it needs without exposing protected content to the public.

I used Umbraco 13.6.0 and the FullTextSearch package — which allows for custom implementations like this via the IPageRenderer interface.

It took a bit of setup (custom services, dependency injection, etc.), but once it’s in place, it works reliably and respects your member protection.

Hope this gives you a clear direction!

D-Inventor · April 26, 2025, 7:26am

Hi there,

The above answer already points out that restricted content is not indexed by default. However, no difficult workarounds are needed to make this work. You can simply allow your external index to also index restricted content. What you need for that is a custom ContentValueSetValidator.

You can configure that like this for example:

public class ConfigureExternalIndexWithRestrictedAccess
    : IConfigureNamedOptions<LuceneDirectoryIndexOptions>
{
    public void Configure(LuceneDirectoryIndexOptions options)
    {
    }

    public void Configure(string? name, LuceneDirectoryIndexOptions options)
    {
        if (!string.Equals(name, "ExternalIndex", StringComparison.Ordinal))
            return;

        // 👇 this particular constructor overload automatically enables protected content
        options.Validator = new ContentValueSetValidator(
            publishedValuesOnly: true);
    }
}

public class MyComposer : IComposer
{
    public void Compose(IUmbracoBuilder builder)
    {
        builder.Services.ConfigureOptions<ConfigureExternalIndexWithRestrictedAccess>();
    }
}

anju-sudo · May 22, 2025, 9:05am

Its working. Thank you. Really appreciate it.

anju-sudo · May 22, 2025, 9:08am

Thanks for your helpful responses! I really appreciate your time and support.