Sometimes I receive some wierd request regarding WordPress blog customization. This time a client wanted to password protected the entire blog and not specific post. Basically, you can use Apache User Authentication but there’s another way to do this in WordPress.
Simply, add the below code in your theme header.php template file before the HTML start tag:
<?php auth_redirect(); ?>
Now visitors will be asked to log in using WordPress login form to view your blog. This is very suitable for someone that wanted privacy or owned a private blog.
this question may sound stupid.
where do the user get the username and password.
or the user have to register in order to read the post.
i think the person should not have blogs at all. why he want to blog if he don’t want people read them.
tj, this is just a simple trick. If you want more functionality, a plugin or more hack is needed since the User Roles only for Admin Panel.
CypherHackz , the same reason why blogger password protected their post. 10 years ago if you have a normal paper journal, would you share it with your classmates or parent?
Thanks for the simple tip. I thought I was going to be forced to use HTTP authentication in front of WP authentication, which would have been clunky and ugly.
And yes, there are LOTS of valid uses for private, “members only” web logs. With your help, mine is now properly set up.
Thanks,
I tried putting this right at the top:
Before “
Blogger don’t password-protect selected posts but instead it’s either publice or private for the whole blog which is rather inflexible. Just curious to find out if there’re other alternatives to make it happen at Blogger.
Many thanks
Christabel
Do you know of a way to password protect just a page in the wordpress blog? I imagine I could build a new php file called header1.php and have the page template refer to that header and then include this trick in order to make people sign in before viewing that page.
Would this work well, or should I be looking into plug-ins?
Basically I have a client who wants to do the same thing moby does at his website: after logging into the Moby Gratis section users can download free music to use in their independent films.
Maybe there are some easy wordpress forms plug-ins that could help with this as well…
I am thinking using wordpress might be easier than programming a secure part of his site from scratch.
Ah maybe someone can help me with this.
I want to password protect my blog,
but I do not want my readers/subscribers to be able to change that password.
Or to edit the account at all.
Anyone got suggestions?
Jason, you can use WordPress conditional tags. For example,
<?php if (is_page('your_download_page_slug')) auth_redirect(); ?>Robert, if you use my method it uses their own user login password.
I used password protected blog because I use it as an intranet where the public cannot view it but it’s accessible from anywhere with Internet connection.
Hey, in my Wordpress installation (2.3.2) this works fine for the blog — but not for the RSS feed. So if someone can guess the URL of your feed (not too hard) they can read your blog anyway. So .htaccess is the way to go after all, methinks. Or cripple your wordpress so it won’t put out an RSS feed.
You can still read the content using RSS feeds…Unless you are willing to delete wp-rss.php and other files.
Actually, I forgot to include few more thing.
To avoid people from reading from RSS / atom feed, go to Settings → Reading SubPanel and set Syndication feeds show the most recent to
-1(negative 1) posts.Finally, go to Settings → Privacy and set Blog Visibility to I would like to block search engines, but allow normal visitors.
Where do I find this header.php file? I can see wp-blog-header.php -is that the one?
I looked in that file and can’t see what the “start tag” is. Word start does not appear - can you be specific? Is this the right file anyway?
Niel, <html>
Does anybody know a way of having two passwords? I know this might seem odd but I want a password that is for ‘lifetime’ users and one for ‘trial’ users. I’ve looked at members only type plug-ins but all I want is a global password with two options. The trial password would change each month and the lifetime on would stay the same.
Thanks
In WP 2.6, the code below worked for me- I was getting caught in an endless authentication loop otherwise.
Also note, in my default Yahoo.com setup, the index.php in the root was loading the WP application, then linking into my /blog directory where WP is actually installed. If this is the case with you, you will need to make the root index.php file a simple redirect to your /blog/index.php or you will be stuck in the loop also.
”
Here is the formatted code for my above post:
<?php if (is_user_logged_in()){
echo "";
}
else {
auth_redirect();
};
?>
There is optionalways to do this:
#if you need password for onley one page
#all pages
#more then one page but not all of them
As mentioned above, there is stil some security issues to take vare of with this sulution.
I hope this helps out