MODX Revoluton Default ACL Entries

Sometimes you mess up your MODX Revolution security entries so badly that you just want to start over. You should have made a note of the default entries before starting, but you didn't.

If your problem is that Resources or Elements have disappeared from the tree for you, the first thing to try is just adding yourself (the admin Super User) to all user groups with a role of Admin Super User. It's relatively easy to hide stuff from yourself in MODX Revolution and this will almost always solve that problem.

If you really need to go back to the default settings, the following steps should take you there

  1. Go to Security | Access Controls | User Groups tab
  2. Check the Administrator user group. The admin Super User should be the only member. Remove any other users by right-clicking on them and selecting "Remove User From Group". Important: Be careful not to remove the admin Super User!
  3. Next, right-click on the Administrator group and select "Update User Group""
  4. On the Context Access Tab, there should be only two entries (usually at the top):
  5.     Context: 'mgr'
        Minimum Role: Super User
        Access Policy: Administrator
    
    
        Context: 'web'
        Minimum Role: Super User
        Access Policy: Administrator
    
  6. Correct the entries to match the ones above, and remove any other entries unless they were created for a MODX extra (e.g., Quip or Articles).
  7. On the "Resource Group Access", tab there should be no entries (again, unless they are there for some MODX extra). If there are, right-click on them and select "Remove". Do the same thing on the "Element Category Access" tab.
  8. Click on the "Save" button at the upper right.
  9. Click on the "Cancel" button at the upper right to go back to the main panel.
  10. The (anonymous) user group should have only one member. Remove any others.
  11. Right-click on the "(anonymous)" user group and select "Update User Group".
  12. On the "Context Access" tab, there should be one entry (remove any others that you created).
        Context: 'web'
        Minimum Role: member
        Access Policy: Load Only
    
  13. On the "Resource Group Access" tab, remove any entries you created.
  14. On the "Element Category Access" tab, remove any entries you created.
  15. Click on the "Save" button at the upper right
  16. On the "Security" menu, Flush Permissions and Flush All Sessions. That will log you out. When you log back in, you should be back where you started.

Security Resources at Bob's Guides

 

My book, MODX: The Official Guide - Digital Edition is now available here. The paper version of the book is available from Amazon.

If you have the book and would like to download the code, you can find it here.

If you have the book and would like to see the updates and corrections page, you can find it here.

MODX: The Official Guide is 772 pages long and goes far beyond this web site in explaining beginning and advanced MODX techniques. It includes detailed information on:

  • Installing MODX
  • How MODX Works
  • Working with MODX resources and Elements
  • Using Git with MODX
  • Using common MODX add-on components like SPForm, Login, getResources, and FormIt
  • MODX security Permissions
  • Customizing the MODX Manager
  • Using Form Customization
  • Creating Transport Packages
  • MODX and xPDO object methods
  • MODX System Events
  • Using PHP with MODX

Go here for more information about the book.

Thank you for visiting BobsGuides.com

  —  Bob Ray