When you publish a site and make it available online, you'll want to control who can access the site.
When you secure a site, you specify which groups of users can access your published (online) site based on an assigned role. These roles are service-wide roles assigned by an administrator of the service instance.
If you are an administrator, there are additional actions you can take that relate to site security, such as enabling custom sign-in, allow sharing of sites and themes, limit site, template, and component creation, enable governance, and other actions. See Configure Sites and Assets Settings in Administering Oracle Content and Experience.