I am currently using the .htaccess file in cPanel to password protect my Wordpress website. There are a list of whitelisted IP addresses that can bypass the login form.
I would like to whitelist a page, but I don't have a .php or .html file to whitelist. It is a page within Wordpress, so I realize I may have to find a plugin or another way to do this. I don't want to have to manually password protect literally every single page just so I can have one page open to the public, so... there must be a way to do this.
If anyone can help out, it'd be greatly appreciated!
Thanks!
I am currently using the .htaccess file in cPanel to password protect my Wordpress website. There are a list of whitelisted IP addresses that can bypass the login form.
I would like to whitelist a page, but I don't have a .php or .html file to whitelist. It is a page within Wordpress, so I realize I may have to find a plugin or another way to do this. I don't want to have to manually password protect literally every single page just so I can have one page open to the public, so... there must be a way to do this.
If anyone can help out, it'd be greatly appreciated!
Thanks!
Share Improve this question asked Sep 27, 2016 at 16:05 Marina RoseMarina Rose 211 silver badge2 bronze badges2 Answers
Reset to default 1If you are just wanting a simple "login" you could use htpasswd and htaccess. WordPress sites already have the htaccess in the main directory.
Add an .htpasswd file at the same level as your root HTML folder. Example:
.
├── public_html
| └── wordpress
| └── .htaccess
└── .htpasswd
Use a tool like htpasswd generator to generate a username/password pair. Then add this to your .htpasswd file.
Find the path $_SERVER["DOCUMENT_ROOT"] may provide some insight for you.
Edit WP's .htaccess. After the #END WORDPRESS# add
AuthType Basic
AuthName "Restricted Area"
AuthUserFile /var/www/mysite/.htpasswd
require valid-user
If you need more detailed instructions see this post.
However, this does not address your request about IP Validation. This question on StackOverflow may address it.
You would update the .htaccess file to read
AuthUserFile /var/www/mysite/.htpasswd
AuthName "Please Log In"
AuthType Basic
require valid-user
Order allow,deny
Allow from xxx.xxx.xxx.xxx
satisfy any
You can make page-whitelist_content_page_slug.php on your theme folder and add required rules.
OR
In page.php try this condition:
<?php if (is_page(page_ID) ){ ?>
//content for whitelist page
<?php }
else if(is_user_logged_in()){ ?>
//Content for all pages
<?php } ?>
OR
These plugins May help you:
1) WP Private Content Plus
Main features:
- Restrict entire posts/pages/custom post types
- Restrict content by User Groups
- Restrict content by User roles
- Restrict content for Guests or Members
- Restrict content by User role Levels
- Restrict content by WordPress capabilities
- Private Page for user profiles
- Restrict menu for members, guests, user roles, user groups
- Restrict widgets for members, guests, user roles
- Restrict post attachments and downloads to for members, guests
- Restrict content by multiple user meta keys
- Restrict content by multiple user meta values
- Restrict search content by user types
- Integration with User Profiles Made Easy
- Global Site Protection with Single Password
2) Redirect to login if not logged in
Redirect user to login page if not logged in
NB: Both plugins are free