Tutorial: Password Protect an Entire WordPress Blog

Anyone Can Register
John P.

Recently I had the need to set up a couple of blogs that I only wanted people who are logged in to be able to access. After a little research and experimentation I came across the following fix.

So lets say you wanted to set up a Blog for just the use of your own internal company. Or Family. Or whatever… But you don’t want anyone to be able to access the site unless they are logged in. It’s actually a lot easier than you think. Here’s how to do it.

  1. In the WordPress Admin panel choose Settings. This takes you to the General Settings tab. Under Membership, UNCHECK the option that reads “Anyone can register“.

    This way the only people who are going to have access are the ones that you allow to register. Bad news = You have to register them. Good news = Only they will be able to log in.

  2. Under the Appearance link in the Admin panel choose Editor. This will take you to the “Edit Themes” tab. On the right side of the screen you should see a file called Header.php which is located in your theme directory. Look for the line that says <body> then place the following code immediately after it:

    <?php if (is_user_logged_in()){
    echo "";
    }
    else {
    auth_redirect();
    };
    ?>
  3. At this point, you should be able to save the modifications to the Header.php file and you should be done! HOWEVER, you might run into a situation where you see the following message at the bottom of the page:

    You need to make this file writable before you can save your changes.

    If that is the case, you are going to need to use an FTP program to change the permissions on the file before you can edit it.

Good luck and hope this helps!

Comments

  1. says

    A few months ago I decided to make one of my blogs totally private for family only. I did something similar to what you described above but, like you said, I had to register everyone.

    I found a nice plug-in named Absolute Privacy that does the following (straight from the author’s site):

    “Force registrants to enter first and last name
    Allow registrants to choose their own passwords
    Moderate users: new registrants cannot login until approved
    Get emailed every time an approval is waiting (with a link for quick approval)
    Lock out all non-logged in views from your website (configurable)
    Prevent subscribers from viewing admin pages (like their profile page and the dashboard)”

    I find it easy to setup and it works for my purpose. Just another alternative for your readers. The plugin can be found at:

    http://www.johnkolbert.com/portfolio/wp-plugins/absolute-privacy/

    and can be downloaded from WordPress.org at:

    http://wordpress.org/extend/plugins/absolute-privacy/stats/

Leave a Reply

Your email address will not be published. Required fields are marked *