Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog
December 27th, 2005 by Angsuman ChakrabortyOverview
This WordPress plugin (tested on 1.5.x & 2.0) will make your blog accessible only to logged in users.
A must-have for paid-content publishers and privacy concerned bloggers.
This is a simple zero configuration plugin. It allows you to view any content, if and only if you are logged in.
Note: Please refer to WordPress Plugins (Free) Developed and Supported by Taragana.Com for a comprehensive list of all the plugins we have developed and provide for free. Any new plugin development requests (or enhancement requests) should also be indicated there as comments.
Update
For few users the plugin wasn’t directly redirecting but bringing up an intermediate page. Brian found a solution to this issue. The plugin has been updated with Brian’s fix. If you are facing this problem then you are strongly encouraged to download the new version. Otherwise you may continue with your existing version.
Note: We are working on a new version of this plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com. Lokking forward to your suggestions.
Use Cases
Paid Content Publishers
If you want to use WordPress to display paid-content to your users then this plugin is for you. It allows you to display your articles only to registered users. You can prevent non-paying users from registering on your blog by unchecking Anyone can register checkbox in Options / General screen. And then you can manually register the paying members (Users / Authors & Users screen under Add New Users section) who will then have access to site contents.
Private Bloggers
If you want to make your blog accessible to few people only (like family and/or friends) then this plugin is for you.
If you are writing on senstive topics which may cause problem in your professional / personal life then you can use this plugin to restrict access to the contents of this blog. Only you and your selected users will have access to the contents.
Note:
This plugin makes the whole blog inacccessible for non-logged in users including search engines. So long this plugin is active your blog contents will be inaccessible to search engines.
Disclaimer:
Use at your own risk. No warranties, expressed or implied are provided.
Download:
Angsuman’s Authenticated WordPress Plugin
Installation
http://codex.wordpress.org/Managing_plugins#Installing_a_plugin
Note: This Plugin supports one-click-install through WordPress Plugin Manager and is also available from WordPress Plugin DB.
- Upload ac_authenticator.php to your wp-content/plugins directory.
- Log in to WordPress.
- Click Plugins from the main menu.
- Scroll to find the name of the plugin - Angsuman’s Authenticated WordPress Plugin, and click Activate.
You are done!
Configuration & Usage
No configuration is required. Just activating the plugin is all you need to do and if you followed the installation steps above then you have already done that.
Enjoy!
Pages: 1 2
Tags: CMS Software, Headline News, How To, PHP, Pro Blogging, Tech Note, Web, Web Services, WordPress | | RSS 2.0 | Email this Article
December 27th, 2005 at 1:43 pm
[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog [...]
December 27th, 2005 at 3:37 pm
[...] Hay ocasiones en que nos puede interesar limitar el acceso al contenido y comentarios en nuestro blog a un grupo determinado de personas. Por ejemplo, deseas que el contenido sea solo accesible a los estudiantes del curso o los participantes de un taller. Con el Angsuman’s Authenticated WordPress Plugin puedes limitar el acceso a solo aquellos que tienen cuenta. El contenido del blog tampoco podrá ser identificado por los motores de búsqueda. [...]
December 28th, 2005 at 11:11 pm
[...] Password Protection,让你的blog只有注册/登陆后的用户才可以访问。 [...]
December 29th, 2005 at 5:04 pm
Hey I was testing this code, and if you are not registered, you CAN’T Register. If you log out, and try to register, it wants you to login to be able to access it.
Can you fix this?
December 29th, 2005 at 10:12 pm
I will post a fix today. Thanks for the catch.
December 30th, 2005 at 2:46 am
It has been fixed. Please download again.
December 30th, 2005 at 5:06 am
hello, does this plugin protect RSS feeds and the like? thanks.
December 30th, 2005 at 10:00 am
@Tin
Yes.
January 2nd, 2006 at 2:10 am
[...] Angsuman released his Authenticated WordPress Plugin to “make your blog accessible only to logged in users.” [...]
January 6th, 2006 at 8:43 am
Hi this is actually just a stupid ass guestion. If someone has fast solution please tell me. So I use this plugin and it seeeeems great! Only thing that i would like it to do is not take member to it’s profile page, i would like it to go straight into the mainsite. Any easy solution for that?, thanks!
January 10th, 2006 at 10:42 am
I have installled the plug in and it works great! Thanks so much. One thing - is it supposed to not re-direct when you hit the blog page if you’re not logged in?
For example - http://www.fearthepaint.com - is thaat the way it works? Or is something screwy with my server?
January 10th, 2006 at 11:19 am
It is supposed to re-direct. Check for a demonstration on http://test.taragana.net/
Can you check again after disabling all your other plugins. Let me know if that helps.
Have you made any modifications to core WP installation at all?
January 16th, 2006 at 12:35 pm
I have a quick question. I see that your demo does the redirect so that it automatically lands on the WordPress logon.
For some reason, mine does not. See http://powerswings.com/atwork/
What should I do?
Thanks!
January 16th, 2006 at 1:08 pm
Sorry - It happens with FireFox 1.5 Beta 2. Redirect works just fine with IE.
Thanks!
January 20th, 2006 at 3:41 pm
Hi,
Thanks for making this great plugin. One question: Is there a way I can get it to redirect straight to the login page *without* the screen that says “this document has been moved”?
Thanks again.
January 21st, 2006 at 9:24 pm
I’m having the same problem as Teresa. The redirect doesn’t work on my Mac with Safari or FF 1.5 - don’t know about IE (don’t care).
Thanks.
January 23rd, 2006 at 8:52 am
Ben & others,
I have been hearing this complaint sporadically. However I couldn’t reproduce it any of my test installations on windows NT or Linux.
If any of you would be kind enough to give me full access to a test blog (for a limited time) where the problem is happening, then I can look into debugging it.
Thanks,
Angsuman
January 24th, 2006 at 11:08 pm
Ben & others (facing the intermediate page issue),
The problem has been fixed as per suggestions by an user (details in the article). Please update your version and let me know.
Best,
Angsuman
January 26th, 2006 at 1:30 am
Hey.
thanks for a great plugin. I am using it for our companie’s internal blog. unfortunately, i cannot get my feeds working after installing the plugin. feeds in firefox are working just fine, but neither bloglines nor feedreader can find a feed (even if I point them to direct url of the feed). i think it has something to do with password protection. How do i solve this?
January 26th, 2006 at 8:13 am
Andrius,
I have a version in testing which allows fine-grained control over what you want under password protection. That should solve your problem.
January 26th, 2006 at 12:09 pm
wow! that would be great! when do you think it’s going to be available for public use?
January 29th, 2006 at 1:41 am
Hey,
Can’t use the plug-in.
I get trouble with this message :
Fatal error: Call to undefined function: nocache_headers() in … /Blog/wp-content/plugins/ac_authenticator.php on line 17
Can you help me ?
Thanks
A+++++++++++
February 1st, 2006 at 7:26 am
This new version workes fine - I don’t get “200 OK” message any more. Thank you very much for this plugin.
I’m also interested in using the plugin that allows control over what I want to be protected.
February 1st, 2006 at 2:28 pm
HI i have this problem.
I active the plugin and it’s all ok.
I’m not logged and he ask me to loggin
http://www.mywebsit.com/blog/wp-login.php?redirect_to=%2Fblog%2F
I try to connect but it answer me error. The redirect creates an error.
I have my websit in http://www.mywebsite.com/blog and it redirect me on http://www.mywebsite.com/blog//blog/
it redirect me to
http://www.mywebsite.com/gallery/wp-login.php?user=2&session= … e&referrer=http://www.mywebsite.com/blog//blog/
I have copperime 3.9 activated if deactive it all work
http://mvdkwast.free.fr/stilglog/index.php/wordpress-plugins/coppermine-plugin/
What I can Do?
help me please.
February 1st, 2006 at 3:47 pm
HI
I am using wordpress 1.5.2 and when using the following plugin I get the following error.
Fatal error: Call to undefined function: nocache_headers() in /fpgs/fpgshttpd/sunshine/wp-content/plugins/ac_authenticator.php on line 17
Is there any other way to fix this? Or is there a download for a previous version or something?
Thanks
February 2nd, 2006 at 8:20 am
@macsou
You can comment out/delete that line.
@dafebe
Apparently coppermine alters some global variable in its plugin. I would have to look into the copermine coded to determine what they are exactly doing.
February 2nd, 2006 at 8:22 am
Like “igobypaul” I am also interested in a plug-in similar to this that allows you to configure what is restricted. I need something more flexible than the all-or-nothing approach.
Any suggestions, links?
Thanks,
- jason
February 2nd, 2006 at 4:51 pm
TNX man!!!
this error there is only for admin
here you can downlod it
http://mvdkwast.free.fr/stilglog/files/coppermine-3.9.zip
and I think the file that give error is into coppermine-3.9\cpg\1.4x
very very TNX!!!!
February 8th, 2006 at 11:44 am
I am also interested in registered users being able to get RSS feeds. My newsreader NetNewsWire does have a place for authentication info, but it does not get past your protection. Is there any mechanism for getting the RSS feeds right now?
Thanks
Gerry
February 11th, 2006 at 7:54 am
hi
a couple of questions - the plugin looked ideal for what i need. I downloaded and activated it. now when I go to the blog i just see a white page in the browser - no errors just a white screen. So I read a little further in this posts comments and you mention that you have a selectable content protection plugin. Can you advise/point me in the right direction on either of these please.
with kind regards
Mike
February 14th, 2006 at 9:57 pm
Great plugin. Like many users, I’d love to see the ability for the RSS feeds to be accessable with a username and password. While I can’t see the RSS feeds of content currently, when I put a wordpress username/password into the RSS reader it connects, but returns an XML error…
February 17th, 2006 at 5:22 pm
Hey, I just downloaded this today and was trying to get it to work, but it doesn’t redirect to the log-in page for some reason. The only thing it does is give a blank page with this on it:
Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\wwwroot\mt\quietindweller\index.php:2) in C:\Inetpub\wwwroot\mt\quietindweller\wp-content\plugins\ac_authenticator.php on line 18
Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\wwwroot\mt\quietindweller\index.php:2) in C:\Inetpub\wwwroot\mt\quietindweller\wp-content\plugins\ac_authenticator.php on line 19
Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\wwwroot\mt\quietindweller\index.php:2) in C:\Inetpub\wwwroot\mt\quietindweller\wp-content\plugins\ac_authenticator.php on line 20
If you can help; I’d appreciate it very much.
February 18th, 2006 at 12:49 am
Which version of WordPress are you using?
February 18th, 2006 at 8:29 am
I’m using WP 2.0.1
February 21st, 2006 at 1:46 am
i’m using wordpress on bluehost (if that matters)
installed the plug-in per instructions and it gave me the same error message as michelle on line 17
commented out the nocache_headers() line (forgive my illiteracy, used // in front of the line to comment out, fyi)
the plug-in seemed to work but upon login as a guest redirected to a profile update within wp-admin and wouldn’t click through to the site.
any thoughts or help would be very much appreciated.
thank you.
February 21st, 2006 at 4:01 am
Please provide me the site url.
Is guest a created user?
February 21st, 2006 at 8:25 am
yes, thank you. i did create “guest” as a user with a password. the entry worked but “guest” was redirected into a profile page with tab in wp-admin and clicked through to the wp-admin home page from “view site.” please email me and i’ll be happy to provide the url, which is private. thanks.
February 21st, 2006 at 8:26 am
yahoo.com - sorry.
February 21st, 2006 at 8:38 am
yes, a user (guest) was created with a password. the login worked, off the wordpress login page, and was directed to a tabbed profile page in wp-admin. the “view site” link then led to the admin home page in wp-admin rather than the site home page. for now url is private - will gladly provide via email. many thanks.
February 21st, 2006 at 12:03 pm
Please send it to angsuman[at]taragana[dot]com
February 22nd, 2006 at 2:03 am
I am running WP 2.0.1 The password protection works for the site, but the feeds are not protected. Any idea why the feeds are still wide open?
February 22nd, 2006 at 11:08 am
Let me clarify. The feed link on the WP page does require a password to use. But, a user can manually type in the exact URL of the wp-rss2.php file and read the feed without using a password. I guess the question is, “How do I completely protect the feed to prevent this type of access?” Maybe .htaccess restriction?
February 22nd, 2006 at 12:29 pm
I can add that easily to the plugin.
Alternatively you can use .htaccess. But then you will have to manually manage the access to your blog. Also it is more complicated than the plugin way.
February 22nd, 2006 at 12:31 pm
A simpler solution for you would be to rename the wp-rss2.php file and similarly change the name wherever it is referenced in code. This is called security by obscurity
February 22nd, 2006 at 4:44 pm
Hi. I’m having a same or similar problem as reported by Fred above. When I login, it automatically redirects to the dashboard or profile page. When I click on the “view site” link, it redirects once again to the /wp-admin/ directory. I’m running WP 1.5 on FreeBSD.
Any ideas for a solution?
Thanks.
March 2nd, 2006 at 1:16 am
Angsuman,
could you tell us when approximately a new version of the plugin will be available. a version which would allow users to subsribe to RSS/Atom feeds.
Thanks
March 2nd, 2006 at 4:50 am
I hate to make promises I cannot keep. I will try my best to make it available as early as possible.
March 4th, 2006 at 12:44 am
Angsuman, I have the same problem of Fred and John, my blog is protected but i can’t see the main page of the blog… i only can see the wp-admin/ page!… do you have a solution?!
Thanks!, elisa
March 7th, 2006 at 5:39 pm
I am running into the same issue as Elis, Fred and John… I have WP 1.5.2 installed on Unix and had to comment out nocache_headers(). Any ideas as to how this can be fixed?
March 8th, 2006 at 4:35 pm
Hi, great plugin! A solution for the RSS-issues would be very appreciated. I want to share RSS only with registered users.
Thanks
March 9th, 2006 at 3:22 pm
I thought this was fixed, but I guess not because I just installed the plugin, and it works great minus one glitch……you can’t register. White screen.
March 10th, 2006 at 8:29 am
Hello,
This looks great… but I can’t get it to work on WP1.5 - I’m getting the “Fatal error: Call to undefined function: nocache_headers() in … /Blog/wp-content/plugins/ac_authenticator.php on line 17″ error.
Can this be fixed?
If I comment out nocache_headers then I can’t view my blog at all
Look forward to getting this working!
Cheers,
James
March 11th, 2006 at 4:40 pm
Hi,
GREAT PLUGIN!
I have one problem. When you try to use try to view individual files within the wordpress dirrectory, they are visible without a password (example: http://yoursite.com/wordpress/photo1.jpg). Is there a way to fix this? Would modifying your .htacess file hep? How would you go about doing this?
Also, I was curious to see if anyone has found a plugin which allows users to register, but does not send them a password to your site until an admin has checked them over.
Thanks for your support!!
March 12th, 2006 at 12:53 pm
[...] [...]
March 18th, 2006 at 11:13 pm
I’m getting the same error many have posted here.
“Fatal error: Call to undefined function: nocache_headers() in … /Blog/wp-content/plugins/ac_authenticator.php on line 17″ error.
Can you please post a resolutions to this?
thank you.
March 27th, 2006 at 5:55 pm
I encountered some errors, similar to those noted by other commentors. I made the following changes to the plugin and it now seems to work in WordPress 1.5.2.
change
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
to
if ( (!empty($_COOKIE['wordpressuser_' . COOKIEHASH]) &&
!wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH], true)) ||
(empty($_COOKIE['wordpressuser_' . COOKIEHASH])) ) {
//nocache_headers();
March 30th, 2006 at 12:01 am
Thanks for yje tips.
May 1st, 2006 at 6:05 am
[...] Page du plugin sur le site de l’Auteur [...]
May 16th, 2006 at 8:23 pm
I modified this plugin to allow a preview of content via the RSS feed but to block access without logging in. This will allow members to receive updates via RSS regarding new content without violating privacy. I will only include a summary (or nothing other than a title) in the RSS feed.
While this doesn’t fix the problem of allowing authenticated users access to RSS feeds, it does mitigate it somewhate. The code is rough and may or may not work depending on your server configuration:
";$dd_test = get_bloginfo(’rss2_url’);
//echo $dd_test;
if ($dd_thispage != $dd_test){
if ( ( !empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}
}
if(’wp-login.php’ != $pagenow && ‘wp-register.php’ != $pagenow) add_action(’template_redirect’, ‘ac_auth_redirect’);
?>
May 17th, 2006 at 5:23 am
Thanks, Harvey!
Forgive my ignorant question, but where does this code go?
May 17th, 2006 at 8:06 am
The code was chopped up a bit when I posted. All you really have to do is change the function in the ac_authenticator.php plugin file.
From:
function ac_auth_redirect() {// Checks if a user is logged in, if not redirects them to the login page
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}
To:
function ac_auth_redirect() {// Checks if a user is logged in, if not redirects them to the login page
$dd_thispage = “http://www.yourblog.com”. $_SERVER["REQUEST_URI"];
//echo $dd_thispage . “”;
$dd_test = get_bloginfo(’rss2_url’);
//echo $dd_test;
if ($dd_thispage != $dd_test){
if ( ( !empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}
}
Hopefully that code didn’t get chopped up. I’m still testing it, but I think it works. Anyway, it is a start to the dialog about how to set authentication conditionally for specific urls. Byt the way, this code only frees up the main feed for your blog (blog.com/feed) and assumes that you have friendly urls turned on.
In order for the code to work on your blog, you must edit this line to include your base url:
$dd_thispage = "http://www.yourblog.com". $_SERVER["REQUEST_URI"];Let me know if you have other questions.
May 18th, 2006 at 4:05 am
Hmm. It gives me a parse error on line 14…
May 18th, 2006 at 1:04 pm
[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog -Simple Thoughts - Java and Web Technology Blog Du kan velge om du vil kun la registrerte brukere lese bloggen din, eller om du vil totalbeskytte den helt ved å skru av registrering. [...]
May 22nd, 2006 at 3:21 am
Iim looking at your plugin and it looks great but do you have a version that does the following:?
The user can view the blog as a ‘guest’ but only see say 30 words (a variable that can be changed by admin). The user has to click on the 30 words (a link) to see the full artical, then the username/password screen appears. If the username and password are correct they can see the full artical.
This is a feature that i urgently need. Any Help?
May 23rd, 2006 at 1:49 am
Thank you for a great plug-in.
I also required an approval system for each new user - so I can reject unapproved users before they get to view the site.
I found a simple system that did this
Can you include this function in your plugin?
thanks again for a great plug-in.
June 4th, 2006 at 10:43 am
[...] Wordpress unanimidade em soluo para blog. H uns trs anos, quando comecei minha vida blogger, eu mesmo escrevia um pequeno gerenciador de notcias, mas isso no se mostrou to eficiente. Depois disso, adotei o AJ-Fork, mas esse tambm no se mostrou to eficiente. Adotei o Wordpress e agora relato alguns plugins bastantes interessantes, que uso aqui, ou na extranet da empresa (sim, aonde trabalho estamos desenvolvendo uma extranet). Browser Sniff: exibe informaes de browser e sistema operacional de quem comenta. A Different Monthly Archive Script: exibe o arquivo de posts em forma de tabela. PHP Highlighter: colore a sintaxe de scripts PHP Quote from TXT: Frases aleatrias de um TXT no blog Subscribe to comments: Adiciona um campo no formulrio de comentrios que permite acompanhar as discusses por email IP2Nation: Exibe o pas de quem comenta Weighted Categories: Exibe as categorias do blog em formato tagcloud, ou seja, categorias com mais posts em maior tamanho de fonte Angsumans Authenticated: Restringe o acesso ao WordPress apenas a usurios cadastrados. Live Search: busca estilo Google Suggest AdSense-Deluxe: plugin para melhor gerenciamento do Adsense Publicado em 04/06/2006Tagcloud: php, wordpress var oldtitle = document.title; document.title = ‘leonardofaria.net // weblab // Top plugins para Wordpress’; [...]
June 13th, 2006 at 8:19 pm
Blee: that parse error on line 14 is probably because the strange quotes were converted to invalid code when you copy pasted. Make sure all the quotes are corrected after pasting. works fine for me.
June 15th, 2006 at 1:40 pm
Great plugin, thanks. I’m using our blog as a resource site for sales reps, so it’s a perfect solution to keeping confidential info under wraps.
I’m concerned, however, because after logging in, somtimes I’m directed to the blog, and sometimes to the admin panel (but I can’t figure a way to replicate one result or the other. This seems to be happening to me in both Firefox and IE). I think this is the same problem Fred was having, but I can’t tell from the comments what the solution was.
I’ve looked at the plugin code, but I don’t know enough to figure out where or how to fix this. Any ideas?
June 15th, 2006 at 3:30 pm
Try clearing your cookies.
June 15th, 2006 at 9:06 pm
if i log in as admin, i’m redirected to the admin page. if i click on “view site,” i stay on the same page. if someone registers, he or she is directed to the profile page. when an attempt is made to click on “view site,” the user is stuck on the profile page. any ideas? thank you.
June 21st, 2006 at 4:22 pm
I’m dealing with the same types of things as Lisbeth & Jordon.
When we login, we are sometimes directed to the profile page, and sometimes the website. I have cleared my cookies and still have the same problem.
I’d really rather have them go to the website right off the bat. Is there somewhere I can specify a certain page to be redirected to?
Thanks!
June 26th, 2006 at 7:32 pm
嘿,大家好,有做网站的吗?推荐一个虚拟主机服务商,提供高品质的虚拟主机服务,不容错过哟.
——-
环球万维(http://www.netinter.cn),专业虚拟主机、域名注册、服务器租用服务商!20项虚拟主机领先管理功能,系统全自主开发。强劲的技术实力,贴心的客户服务。是企业上网,个人建站的首选网站空间提供商,优惠价100元起
June 28th, 2006 at 8:12 am
[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog -Simple Thoughts - Java and Web Technology Blog (tags: Wordpress plugin password authentication) [...]
July 1st, 2006 at 12:14 am
One difficulty I can’t resolve: if /blog is protected by the plugin then /blog/file.zip or /blog/anydir/file.zip are not, and if one types the address one can quite happily download the file without any authentication. Is there a way to protect such a file from download?
July 9th, 2006 at 5:41 am
Thanks for a great plugin. But I have one problem - I run a site that only my family sees - trouble is - some of them can’t login - it just doesn’t seem to work! I have fully tested it on several computers and it works fine - but I don’t have access to theirs - could it be a firewall issue?
July 9th, 2006 at 7:29 am
Tell them to clear the browser cache and try again.
July 9th, 2006 at 11:23 am
I will have a pro version of this plugin soon.
July 13th, 2006 at 2:42 am
Looking forward to the Pro Plugin. How soon is soon:)
I run into the same issue as others that after logging in the visitor is re-directed to the profile page instead of the posts. I hope the Pro version will help in this case.
Actually, if possible I would like an option that access of a logged in user to be totally limited to reading posts and have no other rights at all (or only of seeing his profile) so he won’t be bothered with all the rest of the dashboard which is of no use to the user anyway.
Anyway, the plugin is really great already and I am looking forward to future versions. Thanks
July 21st, 2006 at 6:53 pm
Hi Angsuman,
Would it be possible to do something with the plugin so that it can protect a certain area of the site instead of the whole blog?
I’d like most of the site to be public exept for one restricted area where people need to be logged in to access it.
Even better would be something where i would have a public area, a restricted area and parts within the restricted area that would be accessable by certain users.
For example, let’s say i want a blog for a school. The blog is viewable to everyone without logging in exept for one restricted area. That area is accessible for registered students / teachers / parents. Some of the parts can be viewed by teachers but not by students, some of the parts can be viewed by students but not by regular visitors. Something like that.
I think the last thing would be very hard to create. But perhaps the first thing would be a nice idea. I think a lot of people would be interested in that. A few normal pages for everyone and a restricted area for the registered users.
July 24th, 2006 at 8:54 am
I’ve having trouble, similar to dafebe’s.
If I goto
https://domain.com/blog/wp-login.php
it logs me into the wp admin panel without any problems
but if I goto
https://domain.com/blog
it changes the url to
https://domain.com/blog/wp-login.php?redirect_to=%252Fblog%252F
if I log in using that url I (obviously) get the message
The requested URL /blog/2Fblog2F was not found on this server.
Any ideas?
July 24th, 2006 at 9:42 pm
[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog -Simple Thoughts - Java and Web Technology Blog (tags: Wordpress plugin password authentication) [...]
August 5th, 2006 at 7:35 am
Ce script est tout à fait génial. Merci beaucoup pour cet apport à WP. Il fonctionne bien avec tous les navigateurs sur Mac.
August 24th, 2006 at 11:10 pm
Hi,
Is there a quick extra check you can do to say everything but the main page (the one that list the most recent entries)?
It’s probably because I’m not familiar with the API, but I would assume it’s just a “&&” to this line?
if('wp-login.php' != $pagenow && 'wp-register.php' != $pagenow) add_action('template_redirect', 'ac_auth_redirect');Regards,
Steph
August 25th, 2006 at 12:44 pm
[...] Got another optional WordPress plugin for you to try this morning: Angsuman’s Authenticated WordPress Plugin [...]
September 7th, 2006 at 3:11 pm
[...] Heute habe ich ein neues Wordpress-Plugin entdeckt: Angsuman’s Authenticated Wordpress Plugin. [...]
September 15th, 2006 at 2:40 am
I agree with Mathijs. It would be awesome if you could use this plugin to make only certain sections/post/pages inaccessible to unregistered users, instead of the entire blog.
September 15th, 2006 at 6:45 am
We will provide it in the new version. We are working on a new version of this plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com.
September 15th, 2006 at 6:52 am
[...] We are working on a new version of Authenticated plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com. We will provide several features and granularity in the functioning of this plugin. All the reported issues with the previous version will be solved. It will be a galaxy apart in terms of functionality over the Authenticated plugin. It will be targeted for WordPress 2.x blogs. [...]
September 23rd, 2006 at 12:10 pm
thank you very much for Angsuman’s Authenticated WordPress Plugin
September 24th, 2006 at 5:13 am
I have just installed your plugin on a new blog I am doing and first - thank you!
II ave a question, though - My feed reader (netnewswire) does not pull the posts even though I have the correct password …
I click on the RSS button in Safari, the feed gets added, but no posts appear.
… I have no doubt that this is user error- any thoughts on what I am doing wrong?
Again, thank you. Without this plugin, I wouldn’t have been able to have published my new blog.
–Jim
September 26th, 2006 at 4:18 pm
[...] I think this blog is a helpful way to discuss ideas. For example, today we’re talking about the photo shoot: what we learned, what we would do differently, etc. This seems much better than a long, chopped-up email, and it’s permanent. I can see value in having an internal blog. (Also, with a download and a few clicks, we could password-protect this blog and seal it off.) [...]
September 28th, 2006 at 2:21 pm
People can still click the ‘register’ link and access the site. Can I just take off the ‘register’ link from the page?
I want to make this a paid membership blog where I manually create each user.
Thanks,
Scott….
October 3rd, 2006 at 10:26 am
really looking forward to the new version.
thanks a lot for your work!
dom
October 6th, 2006 at 3:09 am
[...] Install Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog [...]
October 16th, 2006 at 2:09 pm
Great plugin - thanks!
October 17th, 2006 at 12:39 am
@Scott,
We will be supporting it in the next version.
October 19th, 2006 at 3:55 am
[...] Wer sein Blog abschotten will, dem hilft das Angsuman’s Authenticated WordPress Plugin. Damit ist nur ausgewählten Gäste der Zugang und das Lesen im Blog möglich. [...]
October 20th, 2006 at 10:29 pm
[...] I knew there was a way to do this with WP… I didn’t want to have to use a forum software as the CMS for this functionality, because, the actual forum aspect would have been superfluous… don’t add more than you need seems to be a good policy……. anyway, my pal Kichus pointed me in this plug-in direction….. thanks Kichus… kf [...]
October 28th, 2006 at 1:12 am
[...] wer also sensible informationen hat, nur eine feste leserschaft (verein? firma?) wünscht, sollte sich einmal das “authenticated wordpress plugin” ansehen. [...]
November 1st, 2006 at 3:53 pm
[...] Anyway, these novel logs (and other writings) won’t be public and will be for special interested, so most of the site will be for logged in users only. I’ve used Angsuman’s Authenticated WordPress Plugin for this purpose together with the “hide this site from the nasty robots” option that comes with WPMU. [...]
November 13th, 2006 at 6:20 pm
Fantastic plugin, many thanks.
November 14th, 2006 at 1:21 am
We are working on a much better version of the plugin. We plan to release it in the first week of December.
November 20th, 2006 at 12:02 am
[...] I checked the plugins database, and sure enough, someone had already created a plugin that makes any existing WordPress blog private. I had it up and running in ten minutes, and now, anyone who would like to create an account over at About The Baby can do so, and I’ll know about it immediately. Any hacker sorts who want to pound on it or tell me where the security holes are, please be my guest. [...]
December 8th, 2006 at 6:58 pm
[...] Ein nettes kleines Plugin, mit dem man verhindern kann das Dritte auf dem Blog Einträge lesen können. Um Beiträge zu lesen, muss ein User mit Password existieren mit dem sich die Person einloggen muss. Erst dann ist es möglich Einträge auf dem Blog zu lesen. Irgenwie ganz nützlich, ausserdem schwer zu googeln! [...]
December 9th, 2006 at 7:15 pm
Hi thanks for the great work and i was thinking of:
what if there are private and public users.the private users can read all the comment and blogs but the public user can read blogs and only the public comments
I sorta need it so i thought you might wanna added to the next version its great to have it .
thanks again
December 14th, 2006 at 6:52 am
[...] La seule nuance étant que j’ai du limité l’accés aux seuls employés de la société. J’ai donc utilisé le plugin d’Angsuman qui permet de restreindre l’accés au blog aux seules personnes enregistrées, puis modifier un peu la page d’enregistrement pour ne la rendre accessible qu’aux personnes possédant un email de la société cliente : [...]
January 2nd, 2007 at 8:14 am
thank you sooo much! I’ve been looking for something like this.
Works great!
January 17th, 2007 at 11:03 am
[...] Translator Plugin Pro 4.0 supports translation even for password protected blogs. Translator 4.0 can translate even password protected blogs and pages, accessing the documents with the same privilege as the requester. You can, for example, use Authenticated User plugin to password protect your blog and yet Translator Pro will be able to translate pages for priviledged users (who has the permission to access the blog). [...]
January 20th, 2007 at 11:43 am
This is a great plugin — thanks. however, I’m having the same problem as fred, john, and ellis. I’m running version 1.5.2? Will upgrading to 2.0 help? Any word on the new version of the plugin?
Thanks again,
Cameron
January 25th, 2007 at 12:37 am
Exactly what I was looking for to set up a private sandbox area. Thanks for the excellent work. I’ve never had a problem with your plugins.
January 25th, 2007 at 8:39 am
Any chance of getting this working with wordpress 2.1?
January 26th, 2007 at 9:23 am
It works with WordPress 2.1.
January 29th, 2007 at 4:45 pm
GREAT plugin! I would LOVE for the next, more controllable version to come out soon. I want my feed to be able to be public, but my site to not be viewable to anyone that doesn’t have a wordpress login.
I’d also love a way to approve newly registered users — a sort of “apply for membership” process.
Thanks!
February 22nd, 2007 at 11:08 pm
Hi- I’m curious about what happens to all of the data collected from users? Does it get saved somewhere? Say I want to export the emails of all the people who have signed up. Is this possible?
February 28th, 2007 at 5:48 pm
This plugin has really helped me out on different occasions. Thank you!
April 12th, 2007 at 3:03 pm
Hi,
the RSS feed isn’t accessible due to the login page. Maybe change it to HTTP authentication?
J
April 17th, 2007 at 4:40 am
Hello,
Just wanted to ask whether there was any status update on a version that would support authenticated RSS feeds?
Many thanks!
Kind regards,
–
Matt Henderson, MakaluMedia Group
http://makalumedia.com | +34 952 900 776 | +1 404 975 0988
May 6th, 2007 at 5:10 am
Hi Folks
I really like your plugin despite the fact that in FF 2.0.0.3 using Wordpress 2.1.3 I can access http://www.url.com/feed/ without having to log in. Can you fix this?
Thanks
May 31st, 2007 at 4:47 am
Very nice plugin.
Thank you for sharing your work. I apprecaite it. No problems here and keep up the wonderful work.
Kind regards,
-Alex
June 13th, 2007 at 12:19 pm
Hi,
thanks for the great plugin. Not sure if this is already included in the many posts above, but similar like igobypaul and Jason, I was looking for functionality to allow some pages unrestricted. Using combination of WordPress customs field and replacing the code of the function ac_auth_redirect with the code below solved my problem.
*** Modification: In case custom field “ispublic” with value “yes” is added in the post/page, the sites will be accessible for not authenticated users as well. Works however only if the starting /default WordPress page is set up to the unrestricted page.
global $post;$post_id = $post->ID;
$key = “ispublic”;
$single = true;
if(get_post_meta($post_id, $key, $single)!=”yes”) {
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}
June 29th, 2007 at 10:34 am
hi angus,
fantastic plugin but i want to allow anyone to view my site but i have a private diary on there which doesn’t show in the posts or categories (using the category visibility plugin at http://ryowebsite.com/wp-plugins/category-visibility/ ) but you can access it if you know the page/cat number… i want to restrict access to this category only…
any help would be much appreciated…
thanks, toby
July 10th, 2007 at 2:40 am
Thanks! This is a great solution and exactly what I needed. Only blog members can access the blog and blog member management is handled by the administrator. Great!
July 16th, 2007 at 4:40 am
I think these blog is really useful for new comers and Excellent resource list.
July 17th, 2007 at 5:02 am
very cool plug-in. solved my headache when “privatizing” my blog’s content
thx for this! d.
July 27th, 2007 at 3:11 pm
kool plugin!
as for the new version: i would like to be able to subscribe to feeds. they are not working in feedreaders like vienna (os x).
browsers are fine though.
thanks!
m
September 4th, 2007 at 5:09 pm
Great work, thanks!
Does exactly what i was searching for!
September 6th, 2007 at 10:53 am
I have just installed your plugin on a new blog..i’m a beginner…thank you!
September 23rd, 2007 at 11:24 am
This plugin is great. I use for wordpress 2.2.3 and it’s work very well
September 24th, 2007 at 4:29 am
Hi Angsuman,
This is a wonderful plug-in and did just what I wanted. However, it seemed to hang and I closed the page… I cannot access the blog thereafter. It gives a wordpress error that wordpress cannot connect to the database.
Could you suggest a fix?
Thanks,
mk
September 24th, 2007 at 10:51 am
mk,
It has nothing to with the plugin. You MySQL database is simply down. Please restart it and your problem will be solved.
September 25th, 2007 at 1:06 pm
Hi Angsuman,
I used your plugin with a learnerblogs.org blog this summer with no problems; users had to register with learnerblogs and then I had to add them to the blog. I tried the same thing with an edublogs.org blog, and my colleague was able to view the blog with her edublog username and password, but without me adding her to my users. This isn’t enough privacy for this blog - is there any way you can help me?
Thanks, Shona
September 26th, 2007 at 12:44 pm
HI,
Your nice plugin has worked for quite some time. Right now I am getting
Warning: Cannot modify header information - headers already sent by (output started at /var/www/web216/html/internal/wp-includes/wp-db.php:160) in /var/www/web216/html/internal/wp-content/plugins/ac_authenticator.php on line 18
If I disable the plugin the webpage is almost 100% OK. I am getting an error at the top, but the rest is OK
WordPress database error: [Table 'usr_web216_2.wp_post2cat' doesn't exist]
SELECT DISTINCT(post_id) FROM wp_post2cat WHERE category_id=2
To make the story complete I did an update to WP 2.3 after the problems occurred.
Any idea on what could be going on here?
September 30th, 2007 at 6:20 pm
Hallo Angsuman,
great plugin. As many others have asked before: Is there any status update on a version that would support authenticated RSS feeds?
Best regards,
Dennis
October 5th, 2007 at 2:33 am
Thanks!! It works wonders!
October 5th, 2007 at 10:16 am
In WP 2.3 it produces this error message after posting a post which posts successfully.
WordPress database error: [Unknown column 'user_level' in 'where clause']
SELECT ID FROM wp_users WHERE user_level > 0
WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1]
SELECT post_author, post_title FROM wp_posts WHERE ID =
When is the new version coming out?
October 8th, 2007 at 7:58 am
Hello,
Fantastic plug-in, works great!
One question: Is it possible to redirect users directly to the homepage after login, i.e. http://www.yourdomain.com instead of going to the WP dashboard/profile page?
If yes, where should I make that possible in the code?
Thanks already!
Ralph
November 28th, 2007 at 11:00 am
Hello, great plugin but I wonder if you could make it so that the site is accessible, just not the blog posts. I still want people to see the site and the pages, but I want the posts to require that a user is logged in.
thank you
matt
November 30th, 2007 at 4:31 am
re (136) i vote for this as well, please!
December 30th, 2007 at 12:09 pm
If you want to redirect to the blog instead of the admin-panel after login:
- open the file “wp-login.php” in the wp-root
- search the line “$redirect_to = ‘wp-admin/’;”
- delete “wp-admin” (keep the slash)
- save and upload the file “wp-login.php”
Attention: I’m no programmer and I don’t know, if that’s a “legal” solution - but for me it works. Just use this instruction at your own risk.
regards
Thomas
January 1st, 2008 at 11:51 pm
Is there a way to include a “register” link also? I’d like people to be able to register themselves and then have me be able to approve it (this works in unmodified WP…)
Thanks
January 2nd, 2008 at 7:18 am
Hello,
Thnks for this wonderful plugin.I am using this for my company’s internal blog.Though the plugin works fine for the blog which is ‘n-syst.com/blog’ but it fails to protect other pages like ‘n-syst.com/blog/links.php’.The case is same with uploads. I want to upload files containing confidential information and i cannot put this information post content as it also includes excel files.
Please suggest some solution.
Thnks
Prachi
January 3rd, 2008 at 12:10 am
I got the solution for my problem.Need to call this function in my header:.
Thnks anyways.
January 3rd, 2008 at 12:16 am
I got the solution for my problem. Just ned to call this function in my header ‘ac_auth_redirect();’
Thnks anyways.
January 9th, 2008 at 11:15 am
great plugin man.. do you have more?:D
January 23rd, 2008 at 3:20 am
Great Plugin.
Thanks a lot!
February 3rd, 2008 at 2:36 pm
thank you very much for Angsuman’s Authenticated WordPress Plugin!
February 8th, 2008 at 5:12 pm
@143: Exactly where do I need to put ‘ac_auth_redirect();’ for the protection of files to work?
February 8th, 2008 at 7:25 pm
Jakob,
Put it at the top of your files like this:
<?php ac_auth_redirect(); ?>
February 8th, 2008 at 7:29 pm
Hi Guys,
This is a great plugin except for the issue of feeds.
Any chance that you are going to change it so it handles feeds … any time soon?
Thanks.
February 8th, 2008 at 7:35 pm
For those of you looking for a way to authenticate Users before they are allowed access to your protected blog … use this plugin: http://www.dealsway.net/2007/09/04/wp-user-moderation/
I have it working on a client’s company blog & it works great with angsumans-authenticated-password-protection plugin.
February 9th, 2008 at 6:58 am
Craig,
We have a separate version which allows for password protected feeds, understandable by all feed readers. Alternatively we can open the feeds too.
Please make a payment of 30$ to sales at taragana dot com for a copy.
Best,
Angsuman
February 10th, 2008 at 1:30 pm
Great plugin. Thank you!
I was wondering what you guys use to track logged in users. I tried Wassup but it shows is not easy to read who actually tried to login (unsuccessfully) and who was able to read (i.e. logged in).
Thanks.
February 10th, 2008 at 1:46 pm
Hi Angsuman,
Couple of things:
1. URL of page about Paid version of Authenticated Plugin?
2. Pay via PayPal?
3. You state: Alternatively we can open the feeds too. Do you mean on the free version or the paid?
Thanks.
–Craig
February 10th, 2008 at 1:58 pm
Also, if you mean “open the feeds” on the free version … How/Where?
Thanks!
February 19th, 2008 at 3:52 pm
I have been using the plug-in for a while it is perfect. Thanks. Would you know how to establish a whitelist of authorized registrants be their e-mail address after the @? I want to allow registrants to my blog from a specific company.
Thoughts?
DS
March 30th, 2008 at 8:29 am
Unfortunately, WordPress 2.5 seems to break this plugin. That’s a big problem for me, since I have a site that depends on it.
Does anyone know of a fix? Alternatively, will there be a new version?
Many thanks.
March 30th, 2008 at 2:35 pm
We will test the plugin on Monday against WordPress 2.5. We will issue an update, if necessary.
March 31st, 2008 at 8:06 am
Many thanks.
The problem seems to be in the way it redirects once you login. In both Firefox and Safari (in OS X), it produces an infinite loop of redirection that never leads to the blog.
March 31st, 2008 at 8:04 pm
yeah I had the same “infinite loop” issue with my blog as well. It is possible to reach the admin side of the house–just not the public pages.
Hope someone figures out the problem. This is a great plugin.
March 31st, 2008 at 11:23 pm
We will look into it.
March 31st, 2008 at 11:33 pm
After poking around the 2.5 code, here’s what I came up with for a quick fix…
Simplify the if statement in ac_auth_redirect() to the following:
if ( !wp_validate_auth_cookie() ) {Works for my purposes.
April 1st, 2008 at 4:25 am
Hi, the same here. Cannot access my post after upgrading to WP 2.5. Thanks for any fix you might provide… D.
April 1st, 2008 at 7:02 am
I think I\\\’ve found a sollution to get the plug-in to work with WP 2.5!
This line of code should be added:
global $pagenow;If you add this simple line to the plug-in it works fine again. This line should be placed directly under the header-comment.
The complete code should be like this:
The reason why it didn\\\’t work with WP 2.5 is probably because of a change in the global scope of the plug-ins.
If you have any suggestions or comments, please send me an email: evilyouri (at) hotmail (dot) com
April 1st, 2008 at 11:41 am
As as possible feature could we allow RSS feeds to be open but all other pages protected? I’m thinking this will allow people a preview of the postings via RSS feeds without needing to login/having an account.
Looking forward to the WP 2.5 fix before upgrading my sites–Thanks!
April 1st, 2008 at 12:10 pm
Also not able to use this plugin with WordPress 2.5. Looking forward to a working update!
April 2nd, 2008 at 1:32 am
I had the same problem with the infinite loop a while ago, when I was using the unstable version of WP. I fixed it by replacing this line:
if ( (!empty($_COOKIE[USER_COOKIE]) && !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) || (empty($_COOKIE[USER_COOKIE])) )
with this line:
if ( !is_user_logged_in() )I don’t know if that is strictly correct, but it seems to work fine. Hope that helps.
Cheers
Julian
April 2nd, 2008 at 8:39 am
Ok, is good in WP 2.5
Reno
April 3rd, 2008 at 3:31 am
Problems after update to wordpress 2.5.
Hi there. I also encountered that “inifite loop” problem mentioned above. I’m not so deep into wordpress code, but I was able to re-establish all plugin features by replacing
if ( (!empty($_COOKIE[USER_COOKIE]) && !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) || (empty($_COOKIE[USER_COOKIE])) ) {by
$user = wp_signon();if ( is_wp_error($user) ) {
Seems to work perfectly the way it should.
April 3rd, 2008 at 4:45 am
I solved it the same way Julian did, using the is_user_logged_in() function. I would think it\\\’s a better solution to use the built-in WP functionality as well…
The plugin is working perfectly for me now.
Cheers,
Carl-Johan
April 3rd, 2008 at 9:42 pm
Michael Niessl\’s code (comment 167) is working for me, as well.
Thanks!
April 4th, 2008 at 12:16 am
thank you, Michael, works fine.
April 5th, 2008 at 4:11 am
thanks a lot, works fine for me, too!
April 6th, 2008 at 2:30 pm
I used Julian’s code and the plugin works fine in Internet Explorer. However, when I try to log in with Mozilla, it says incorrect password. I tried clearing the cache, etc. Anyone else have this problem with Mozilla?
April 10th, 2008 at 12:43 am
I used Michael Niessl’s code and it worked!!!
Thanks!
April 10th, 2008 at 3:43 pm
Thanks Julian and Michael for both your WP 2.5 fixes. Just remember to add an open curly bracket when using Julian\\\’s code:
if ( !is_user_logged_in() ) {
Lisa, not sure if this helps but I\\\’m using Firefox v2.0.0.13 with Julian\\\’s code, which works okay with my WP 2.5 installation.
April 21st, 2008 at 3:51 am
Julian patch works for me.
Will you update the sources for 2.5 ?
April 29th, 2008 at 4:01 pm
( !is_user_logged_in() ) { Works fine with mozilla 2.0.0.14 internet explorer 7. cheers!