aliases:
- Access control for Obsidian Publish
- Security/privacy for Obsidian Publish
permalink: publish/security
You can choose the notes you want to publish to Obsidian Publish. The rest of your notes stay safe in your vault.
Only the notes you choose to publish are sent to Obsidian's servers, and any notes you unpublish are removed.
For improved access control on your publish site, apply a site password. Visitors will be prompted for a password when attempting to access it. If you decide to remove the site password later, the entire site will become visible to the public again.
By default, Obsidian Publish does not collect visitor data, store cookies, or process personal information. However you can implement analytics or log other user data by customizing your site.
As the site owner, you are responsible for complying with GDPR and privacy regulations in your region. This includes creating your own notification banner, which can be implemented using publish.js, and adding a privacy policy page to your site.
Obsidian contracts with Cloudflare to provide site hosting for our Publish sites. The servers are hosted in San Francisco, CA.
To regulate access to Obsidian Publish on your network, you need to manage the following domains:
publish.obsidian.md
publish-main.obsidian.md
Additionally, the backend services employ the following subdomains: publish-xx.obsidian.md
, where xx
is a number ranging from 1 - 100
.
publish-*.obsidian.md
to accommodate our continuous expansion of subdomains.