Document site lock-down steps

[xxxserxxx]

Before submitting this feature request I have
COMPLETE AND FILL THESE OUT

• Reviewed the documentation and verified that my feature request isn't already a feature.
• Reviewed the existing feature requests and my feature has not been requested.
• Checked the tasks taged issues and verified my feature is not covered

Please Describe The Problem To Be Solved
The process to lock down an installation against anonymous users would be documented in the wiki.

By default, the Home group is open to the public; changes can't be made without login, but recipes added are browsable. It isn't obvious how to lock down an installation so that nothing but the login function is available to unauthenticated users, and I was unable to find any discussion of this in the wiki or the github issue log.

(Optional): Suggest A Solution
It would be helpful to have an up-front instruction about first-steps security. Whatever those steps are, it should be part of the installation before users start adding recipes, users, categories, or other data that they may have to change in order to secure the site. It would also be helpful to list exactly what information is exposed to anonymous users of an installation -- recipes, categories, tags, whatever.

Alternatively, a non-documentation solution would be to have a setting for the anonymous (unauthenticated) user that disables all access except the login function.

Additional Information
I'd be happy to add a wiki entry for this, if I knew what the solution was. At the moment, it isn't clear to me how to lock down the site -- I suspect it involves making a non-"Home" group and doing everything in there, and ensuring that nothing is added to the Home group, but I don't know.

[hay-kot]

I don't think there is an actually solution to this. If you dig around the issues and discussions you'll see at there are a few requests for using an Auth provider or Basic Auth to secure the site, but in it's current state Mealie doesn't really support that, and no one has stepped up to make the required changes.

That said, in v1 the site will be locked down (require login) by default, so that may solve your issue here.

[xxxserxxx]

Yes, that would address my goal, thanks.