Sometimes I receive some weird request regarding WordPress blog customization. This time a client wanted to password protected the entire blog and not specific post. Basically, you can use Apache User Authentication but there’s another way to do this in WordPress.
- Go to Users → Authors & Users sub-panel.
- Add a new user in the Add New User section. This login will be used to access your WordPress by other user. Or go to Settings → General → Membership and check “Anyone can register”.
- Add the following lines to your Theme’s template functions.php file (For example, functions.php file for a Theme named “default” would probably reside in the directory wp-content/themes/default/functions.php) or create it as a Plugin by filling the additional Standard Plugin Information:
function password_protected() { if ( !is_user_logged_in() ) { auth_redirect(); } } add_action('template_redirect', 'password_protected'); add_action('do_feed', 'password_protected'); - Go to Settings → Discussion sub-panel. Under Default article settings, uncheck “Attempt to notify any blogs linked to from the article (slows down posting.)”.
- Finally, go to Settings → Privacy and set “Blog Visibility to I would like to block search engines, but allow normal visitors”. Click Save Changes.
Now visitors will be asked to log in using WordPress login form to view your WordPress blog / site. This is very suitable for someone that wanted privacy or owned a private WordPress blog / site.
[...] This is a easy way you can made a private blog metioned by Zeo. [...]
this question may sound stupid.
where do the user get the username and password.
or the user have to register in order to read the post.
i think the person should not have blogs at all. why he want to blog if he don’t want people read them.
Real easy. I am making a employee only blog. I do not want others to see the info. I may want to make a family only one. Same thing. Very simple reasons. Not everyone wants everyone in their business. Blogging does not require a large viewing arena.
tj, this is just a simple trick. If you want more functionality, a plugin or more hack is needed since the User Roles only for Admin Panel.
CypherHackz , the same reason why blogger password protected their post. 10 years ago if you have a normal paper journal, would you share it with your classmates or parent?
Thanks for the simple tip. I thought I was going to be forced to use HTTP authentication in front of WP authentication, which would have been clunky and ugly.
And yes, there are LOTS of valid uses for private, “members only” web logs. With your help, mine is now properly set up.
Thanks,
I tried putting this right at the top:
Before “
Blogger don’t password-protect selected posts but instead it’s either publice or private for the whole blog which is rather inflexible. Just curious to find out if there’re other alternatives to make it happen at Blogger.
Many thanks
Christabel
Do you know of a way to password protect just a page in the wordpress blog? I imagine I could build a new php file called header1.php and have the page template refer to that header and then include this trick in order to make people sign in before viewing that page.
Would this work well, or should I be looking into plug-ins?
Basically I have a client who wants to do the same thing moby does at his website: after logging into the Moby Gratis section users can download free music to use in their independent films.
Maybe there are some easy wordpress forms plug-ins that could help with this as well…
I am thinking using wordpress might be easier than programming a secure part of his site from scratch.
Ah maybe someone can help me with this.
I want to password protect my blog,
but I do not want my readers/subscribers to be able to change that password.
Or to edit the account at all.
Anyone got suggestions?
Jason, you can use WordPress conditional tags. For example,
<?php if (is_page('your_download_page_slug')) auth_redirect(); ?>Robert, if you use my method it uses their own user login password.
I used password protected blog because I use it as an intranet where the public cannot view it but it’s accessible from anywhere with Internet connection.
Hey, in my Wordpress installation (2.3.2) this works fine for the blog — but not for the RSS feed. So if someone can guess the URL of your feed (not too hard) they can read your blog anyway. So .htaccess is the way to go after all, methinks. Or cripple your wordpress so it won’t put out an RSS feed.
You can still read the content using RSS feeds…Unless you are willing to delete wp-rss.php and other files.
Actually, I forgot to include few more thing.
To avoid people from reading from RSS / atom feed, go to Settings → Reading SubPanel and set Syndication feeds show the most recent to
-1(negative 1) posts.Finally, go to Settings → Privacy and set Blog Visibility to I would like to block search engines, but allow normal visitors.
Where do I find this header.php file? I can see wp-blog-header.php -is that the one?
I looked in that file and can’t see what the “start tag” is. Word start does not appear – can you be specific? Is this the right file anyway?
Niel, <html>
Does anybody know a way of having two passwords? I know this might seem odd but I want a password that is for ‘lifetime’ users and one for ‘trial’ users. I’ve looked at members only type plug-ins but all I want is a global password with two options. The trial password would change each month and the lifetime on would stay the same.
Thanks
In WP 2.6, the code below worked for me- I was getting caught in an endless authentication loop otherwise.
Also note, in my default Yahoo.com setup, the index.php in the root was loading the WP application, then linking into my /blog directory where WP is actually installed. If this is the case with you, you will need to make the root index.php file a simple redirect to your /blog/index.php or you will be stuck in the loop also.
”
Here is the formatted code for my above post:
<?php if (is_user_logged_in()){
echo "";
}
else {
auth_redirect();
};
?>
There is optionalways to do this:
#if you need password for onley one page
#all pages
#more then one page but not all of them
As mentioned above, there is stil some security issues to take vare of with this sulution.
I hope this helps out
[...] but none of them ever worked for me. However, I stumbled across this piece of code, here,and it has worked superbly. Merely insert the code into the top of your header.php file located in [...]
thanks, chris – was having the same problem. you rock!
Hi, anyone know how do i edit the note that shows on a password protected page?? im trying to put my subscribing payment link there.
Thanks
How do you make a password protected page because the website http://www.julianebubbles.wordpress.com check the presidents only page how can I get a page that you need a password to veiw????Please help me!!!!
thank you. that piece of code plus instructions worked perfectly!
[...] found a great tutorial on how to password protect WordPress at this site. Just folow the steps [...]