Password Protect ENTIRE WordPress Site

  • I am putting up a “Family” blog (My wife is pregnant) and she would like me to make the site Private, so you can only read the blog if you have a password.

    **HOWEVER** Grandma & Grandpa are going to be visiting the site, so I dont want to use a .htacess type solution (or have everyone login)

    Is there any way to make wordpress just go to a Password page, and if the correct password is given, it will take redirect and enable the normal blog?

Viewing 15 replies - 1 through 15 (of 19 total)

  • https://blog.carthik.net/vault/2004/07/04/plugin-registered-users-only/

    https://17thdegree.com/archives/2005/07/01/wordpress-plugin-page-restriction/

    Thread Starter hevnsnt

    (@hevnsnt)

    I think *BOTH* of those require you to login… I dont want the users have to login, I just want a password, and once given will enable the entire blog.. Exactly what the first one does, but password based instead of login based. Again, I dont want to confuse Grandma & Grandpa…

    Just modify it so that the username is pre-filled-in and hide the input field.

    Thread Starter hevnsnt

    (@hevnsnt)

    hahaha nice fix!

    Could you help me with that? I understand exactly what you are getting at, but could you help me with the code?

    Did you manage to do somthing like you want? I need the same thing as you. I am in the same situation with grandma and grandpa.

    Color me dense but what’s the difference between entering a password and logging in?

    And shouldn’t we be giving Grandma and Grandpa a little more credit – surely they can remember how to login if they know how to type in the URL.

    The difference is I don’t want to manage users. The password will be given to anybody. For instance, grandma could give the password to a friend so he/she can view the blog because I put pictures on the blog.

    The thing is I want to password-protect the site to avoir strangers to access the site. I don’t care that a friend of a friend have the password to see the site, but I don’t want any joe somebody that doesn’t have a far relation with me or my familly to access it.

    You could password protect the WP directory through your CPanel, and then set up one user name and password to give out to folks.

    Even with .htaccess solution you can simply setup one set of login & password and give it out to everyone deserving.

    Well, other than using sessions or cookies, you might tell grandma to go to https://myurl/wordpress/index.php?password=password, then in the index have it read the password and show nothing if it is not correct… then hide it somewhere on the page so it will be passed each page reload etc…I normally have a log in page with a session set, then check for that session each page load, but thats a little too complicated for this instance I think..
    most web sites will read the index.html first then the index.php, so you might make the index.html with javascript and tell grandma to click on pix one, then pix 5, then open the index.php.. ??? chances of a stranger or spider clicking on those two images in that order might be pretty low.

    You can do alphaoide’s solution by altering the username input box to this:

    <input type="text" name="username" value="insert_username_here" style="display: none;">

    Well, it’ll be similar to that. The important parts are the value="insert_username_here" which makes that username the default value and `style=”display: none;” which hides the input box. Of course you could put that rule into you CSS file too.

    Even with .htaccess solution you can simply setup one set of login & password and give it out to everyone deserving.

    This sounds like the best approach to me. With .htaccess you password-protect the whole site with as few or as many usernames as you want to manage.

    Good one angsuman!

    I must have been asleep when I posted above, wordpress does not interact well with passing variables, so I did this and it seems to work:
    put this in the beginning of the index.php, right after the php tag:

    $pass= $HTTP_COOKIE_VARS['pass'];
    if(md5($pass) !="6ac2ef13799089e8322ab4d07833321f") {
    header("Location: mylogin.php");
    }

    you do not have to hash it, you could use a plain password, just send them to mylogin.php if they don’t have that cookie.
    then in mylogin.php, put this:

    <?php
    if($submit) {
    $set = SetCookie("pass","$pass", time()+(60*60*24*365),"/","yourdomain");
    header("Location: index.php");
    }
    print<<<END
    <form method=post action="mylogin.php">
    Password: <input type="password" name="pass" value="" size=10 maxlength=10>
    <input type="submit" name="submit" value="Enter">

    </form>
    END
    ?>

    if they enter the wrong password, it will be rejected by the index and sent right back.. if the correct password is set, then grandma can come back for a year and not have to worry about the password.. you could also reset the cookie if they have the right password already and keep on going..

    <input type="text" name="username" value="insert_username_here" style="display: none;">

    Well, it’ll be similar to that. The important parts are the value=”insert_username_here” which makes that username the default value and style="display: none;" which hides the input box. Of course you could put that rule into you CSS file too.

    No need for CSS you know. ??

    <input type="hidden" name="username" value="insert_username_here">

    lol, dang, there ain’t no school like old school.

Viewing 15 replies - 1 through 15 (of 19 total)
  • The topic ‘Password Protect ENTIRE WordPress Site’ is closed to new replies.