Don’t want to require authentication for every part of your site? Fine! Add a whitelist to your Jekyll’s config.yml file:
jekyll_auth:
whitelist:
- drafts?
jekyll_auth.whitelist takes an array of regular expressions as strings. The default auth behavior checks (and blocks) against root (/). Any path defined in the whitelist won’t require authentication on your site.
What if you want to go the other way, and unauthenticate the entire site except for certain portions? You can define some regex magic for that:
jekyll_auth:
whitelist:
- "^((?!draft).)*$"
There is also a more extensive article containing installation instructions for Jekyll-Auth and a second one on how to find your GitHub team ID.
If you’ve got SSL set up, simply add the following your your _config.yml file to ensure SSL is enforced.
jekyll_auth:
ssl: true
Just like GitHub Pages, Jekyll Auth will honor a custom 404 page, if it’s generated as /404.html in the built site.