Hello, I am Jamie Robe, author of the Controlling who can join your site
Once you have verified that your site is working and that you can log into both the Plone front-end and the ZMI back-end, it is prudent to lock out other's from joining your site at this early stage.
Joining a site means that a user is able to find a "join" hyper-link, enter in a name, email address, and other info, and get an account assigned to them. Plone can handle all of that automatically, even taking care of people who forget their password through emails sent to them.
These join and related features can help you if you are building an Intranet portal or Internet community-type website, where users will login and add content, etc. But not all sites want or allow vistors to login. My site InSmallSteps.com does not require anyone to login to use the resources here.
In general, it would be problematic to let people into an unfinished site too early. You or they may get confused with content or skin changes, especially if you as webmaster are experimenting with the look and organization of the site.
The first thing to do is to look at some of the obvious places where the login function can be reached. The following shows the personal bar on a site that is not logged into yet:
This is actually what we call a portlet, in this case sitting in the left_slot (more on portlets and slots later).
It is not called join here, but New user?
All of these hyper-links actually take you to a Registration Form, which can be recahed by adding a /join_form to the end of your sites URL.
Luckily, there is an easy way to disable all these join mechanisms.
