Set public role for specific content

[TOC]

Overview

By default, the Public role often has "View All" permissions enabled. When you turned on "Allow public viewing," those role-level permissions immediately applied to every book and page on your site. To fix this and keep only specific pages public (the "whitelist" approach), follow these steps:

Strip the Public Role of its "View All" Power This is the most important step to prevent everything from being visible.

Steps

1. Strip the Public Role of its "View All" Power

Go to Settings > Roles.
Edit the Public role (sometimes called "Guest").
Scroll down to Asset Permissions.
Uncheck every box under "View", "Create", "Edit", and "Delete" for Books, Chapters, and Pages.
Save the role.
Result: Now, even though public viewing is "On," guests can't see anything because their role has no permission to view any assets.

2. Grant Permission to ONLY the Specific Content

Now that the door is locked for everything else, you can unlock just the items you want.

Navigate to the specific Book or Page you want to make public.
Click Permissions in the sidebar.
Check "Enable Custom Permissions".
In the Role Overrides section, find the Public role and check only the View box.
Save the permissions.

[!IMPORTANT] Watch out for "Everyone Else" In the Page/Book permission settings, there is often an "Everyone Else" row at the bottom.

Make sure "Inherit defaults" is unchecked for that row if you want to be extra sure nothing leaks.
If it is checked, it will fall back to whatever you set in the main Public Role settings (which we just cleared in Step 1).

[!TIP] Permissions in BookStack cascade downwards (Book -> Chapter -> Page). If you make a Book public, every page inside it becomes public too. If you only want one page public, set the permissions only on that page.