Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog

By Angsuman Chakraborty, Gaea News Network
Tuesday, December 27, 2005

Overview

ARTICLE CONTINUED BELOW

This WordPress plugin (tested on 1.5.x & 2.0) will make your blog accessible only to logged in users.

A must-have for paid-content publishers and privacy concerned bloggers.

This is a simple zero configuration plugin. It allows you to view any content, if and only if you are logged in.

Note: Please refer to WordPress Plugins (Free) Developed and Supported by Taragana.Com for a comprehensive list of all the plugins we have developed and provide for free. Any new plugin development requests (or enhancement requests) should also be indicated there as comments.

Update

For few users the plugin wasn’t directly redirecting but bringing up an intermediate page. Brian found a solution to this issue. The plugin has been updated with Brian’s fix. If you are facing this problem then you are strongly encouraged to download the new version. Otherwise you may continue with your existing version.

Note: We are working on a new version of this plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com. Lokking forward to your suggestions.

Use Cases

Paid Content Publishers
If you want to use WordPress to display paid-content to your users then this plugin is for you. It allows you to display your articles only to registered users. You can prevent non-paying users from registering on your blog by unchecking Anyone can register checkbox in Options / General screen. And then you can manually register the paying members (Users / Authors & Users screen under Add New Users section) who will then have access to site contents.

Private Bloggers
If you want to make your blog accessible to few people only (like family and/or friends) then this plugin is for you.

If you are writing on senstive topics which may cause problem in your professional / personal life then you can use this plugin to restrict access to the contents of this blog. Only you and your selected users will have access to the contents.

Note:
This plugin makes the whole blog inacccessible for non-logged in users including search engines. So long this plugin is active your blog contents will be inaccessible to search engines.

Disclaimer:

Use at your own risk. No warranties, expressed or implied are provided.

Download:

Angsuman’s Authenticated WordPress Plugin

Installation

http://codex.wordpress.org/Managing_plugins#Installing_a_plugin

Note: This Plugin supports one-click-install through WordPress Plugin Manager and is also available from WordPress Plugin DB.

  1. Upload ac_authenticator.php to your wp-content/plugins directory.
  2. Log in to WordPress.
  3. Click Plugins from the main menu.
  4. Scroll to find the name of the plugin - Angsuman’s Authenticated WordPress Plugin, and click Activate.

You are done!

Configuration & Usage

No configuration is required. Just activating the plugin is all you need to do and if you followed the installation steps above then you have already done that.

Enjoy!

Discussion
October 8, 2010: 1:38 am

Very often I go to see this blog. It very much is pleasant to me. Thanks the author

October 5, 2010: 3:30 am

Hiya guys.I just come to this forum.Good luck everyone。

September 28, 2010: 9:35 am

Well worth to read this article, thanks for sharing this information. With this article you offered me got a chance to know about this, anyway i say Great Article! and waiting for you next article about this interesting subject.

September 28, 2010: 9:33 am

Hi. First of all I would like to say what a great site you have. I have been using it for a month or so now and really seeing the results. I am half an inch longer already and a good bit thicker. Thanks again.

September 16, 2010: 4:32 am

2010 - These celebrate the twenty-fifth anniversary of the Jordan brand. Other models from the line include the Dub Zeros. The Dub Zeros were released in 2005 and are a combination of many different models. They feature the most recognizable pieces of the most famous models.

September 16, 2010: 4:29 am

I will post a fix today. Thanks for the catch.

September 15, 2010: 9:57 pm

it’s good to see this information in your post, i was looking the same but there was not any proper resource, thanx now i have the link which i was looking for my research.

September 13, 2010: 7:23 am

Thank you good blog really

September 12, 2010: 8:32 am

you might be known with your fact before ..anyways happy to read your blog post

September 11, 2010: 7:26 am

Thanks for making this great plugin.

September 8, 2010: 4:23 am

Considerably, this post is really the sweetest on this notable topic. I harmonise with your conclusions and will thirstily look forward to your incoming updates. Saying thanks will not just be sufficient, for the phenomenal clarity in your writing. I will directly grab your rss feed to stay informed of any updates. Admirable work and much success in your business dealings!  Please excuse my poor English as it is not my first tongue.


Lez
September 5, 2010: 4:24 pm

evet wordpress cok ıyı ama kullanımı bıraz soz bana gore

September 3, 2010: 6:30 pm

hellllllllo, does this plugin protect RSS feeds and the like? thanks.

August 30, 2010: 2:49 am

Nice blog. The content of your blog is exactly wonderful, and your blog template is Simple generous. So good

August 30, 2010: 1:43 am

I love your post, thank you for sharing.

August 30, 2010: 1:33 am

Your website is so much nice i would like to see all the posts but i have dont

enough time to do it. Over all i loved your all the articles

August 29, 2010: 9:24 pm

It has been fixed. Please download again.

August 28, 2010: 6:00 am

Good news,in here we will troduce

August 26, 2010: 5:49 pm

Thank you very good blog system, I got very good information thanks to your site. I am constantly followed.

August 26, 2010: 4:44 am

I’m pretty new to your blog, but am enjoying what I have read so

far. This post particularly caught my attention.

your post are very useful for me. i like it.

thanks for sharing

look forward your new posts

August 25, 2010: 12:38 pm

great info on the plugin and why it is needed.

August 24, 2010: 1:42 am

that’s really great news
i never heard it before
nice post
look forward your new posts

August 23, 2010: 7:23 pm

is sounds nice.

August 20, 2010: 2:11 pm

thanks very nice

August 19, 2010: 1:40 pm

i agree with your point it very useful articles

August 19, 2010: 5:29 am

Thanks for such a great post and the review, I am totally impressed! Keep stuff like this coming

August 17, 2010: 6:21 am

Perhaps this is one of the most interesting blogs that I have ever seen. Interesting article, Funny comment. Keep it up!

August 17, 2010: 1:42 am

Dear friends,I am a fanatic watch collection, especially the well-known watches, you also can do, just click on my name!!!!!!!!

August 13, 2010: 8:33 pm

very nice thanks very good

August 12, 2010: 4:09 am

So I use this plugin and it seeeeems great! Only thing that i would like it to do is not take member to it’s profile page


oyun oyna
August 12, 2010: 3:40 am

Very nice ! Thank youdd

August 11, 2010: 6:40 pm

very nice thanks


authentic wholesale
August 9, 2010: 8:58 am

welcome to our jersey store

July 30, 2010: 8:00 pm

Enjoyed every bit of your blog.Great.

July 29, 2010: 10:42 pm

Fantastic Read! Looking forward to more! Bookmarked the site and will be back again!

July 28, 2010: 7:59 am

thanks admin perfect blog onayla pls…

July 27, 2010: 9:38 pm

Useful plugin, thank u for sharing this tool.

July 27, 2010: 2:57 am

thank you…

July 27, 2010: 2:10 am

good!!! thanks for your sharing

July 26, 2010: 12:18 am

hello, does this plugin protect RSS feeds and the like? thanks.

July 23, 2010: 4:28 am

September 15th, 2006 We are working on a new version of Authenticated plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com.

July 23, 2010: 3:49 am

Come and listen to Laura, chat with her and participate in an engaging and dynamic conversation!

July 19, 2010: 5:09 pm

Thanks for posting all the info on this plug in! :-)

July 19, 2010: 3:15 am

Thank you dear manager

July 19, 2010: 3:13 am

I am just learning Information of Subject. Php and this was very easy to follow and helped a lot. You really took time to explain every little bit

July 17, 2010: 4:48 pm

I will post a fix today. Thanks for the catch…

July 16, 2010: 8:50 pm

thank you very much , thanks you for sharing have a nice day

July 16, 2010: 7:43 am

thanks admın

July 16, 2010: 4:55 am

Thanks a lot! I am just learning Information of Subject. Php and this was very easy to follow and helped a lot. You really took time to explain every little bit

July 16, 2010: 4:52 am

Thanks a lot! I am just learning Information of Subject. Php and this was very easy to follow and helped a lot. You really took time to explain every little bit

July 12, 2010: 8:04 am

the plus is usefull for wordpress blog.


Sam
July 10, 2010: 6:55 am

The plugin locked me out of my Wordpress website. My pass word is no longer recognized.

July 7, 2010: 8:19 am

The informations are so lovely and so usefull so thank you very much. Be sure i will use all of them keeping in my mind.Have a goog luck.

July 6, 2010: 9:25 am

Thanks a lot! I am just learning Information of Subject.
Php and this was very easy to follow and helped a lot.
You really took time to explain every little bit

July 6, 2010: 9:24 am

thanks admın

July 6, 2010: 9:21 am

Thanks For Comment.. Very Nice a Topic

June 28, 2010: 4:00 am

This website is very nice and colorful too. Its nice to have something to show others where you attend church and to show all the smiling people filled of the goodness of the Lord. You have a wonderful website here. May God rich bless you always.

June 26, 2010: 10:36 am

Very nice ! Thank you

June 26, 2010: 10:35 am

Excelent post. It really helped me!

June 26, 2010: 10:34 am

great post as usual!

June 26, 2010: 10:30 am

really a great page hmmmmmm…

June 17, 2010: 6:12 pm

thansk very nice sites


trisha
June 16, 2010: 2:50 pm

Is this plugin still being maintained/supported/whatever? The last comment was from nearly a year so I thought I should ask.

I’m looking for a way to password protect a blog so that only friends and family can see it. If I understand right, everyone gets a different password? I like that rather than using something like .htaccess, so that if someone becomes inappropriate I can delete them as a user, rather than have to change the password for everyone. It also would keep people from giving the password out to just anyone.

And do you know if it works with WP MU?

June 15, 2010: 9:29 am

Thanks a lot! I am just learning Information of Subject.
Php and this was very easy to follow and helped a lot.
You really took time to explain every little bit.
Thanks again….

June 11, 2010: 10:51 am

thanks admın

June 11, 2010: 10:50 am

thanks you admın

June 11, 2010: 10:34 am

Thanks a lot! I am just learning Information of Subject.
Php and this was very easy to follow and helped a lot.
You really took time to explain every little bit.

June 9, 2010: 6:43 am

Thank you for inquiring. Been working very nice.
An excellent blog about perfect.
Thank’s again.

June 9, 2010: 2:16 am

Hey I was testing this code, and if you are not registered, you CAN’T Register. If you log out, and try to register, it wants you to login to be able to access it.

June 9, 2010: 2:13 am

thanks admin good blog

June 7, 2010: 5:01 pm

I will post a fix today. Thanks for the catch.

June 7, 2010: 4:49 pm

Thank you so much looking for something good in terms of the Security Review sincerely for this topic to a few friends Öneriçem

June 7, 2010: 10:41 am

As you have a blog about sharing was very nice.
I host it and different places in search of an active subject.
I thank you for information..

June 4, 2010: 7:52 am

very good this plugin.tanks

May 17, 2010: 7:37 am

a very successful site. Also very revealing article. Thanks to the contributors.

May 16, 2010: 6:53 am

hello everyone. this is really a great plugin which I am gonna use. thanks for the author to publish it.


Karthikeyan
May 11, 2010: 3:05 am

I need this Authenticated Wordpress Plugin for Wordpress new version.. Can you please send me.

April 30, 2010: 10:27 pm

very good this plugin.tanks

April 26, 2010: 6:29 pm

I have been looking for this information for days. Great article, very informative. Thanks and greetings!


sandy
April 23, 2010: 1:29 pm

I activated this.. and it does take you to the new log in page when you go to the website BUT It will not allow me to log in in the site. Help please.. please email me with your response.

April 22, 2010: 6:04 pm

thanks for admins

April 19, 2010: 4:20 am

Very Fa pulings real estadet for ? script

April 15, 2010: 7:57 am

WordPress just released version 2.1. We have tested Translator Plugin Pro with 2.1 release and it works perfectly out of the box

April 4, 2010: 3:35 pm

Hi this is actually just a stupid ass guestion. If someone has fast solution please tell me. So I use this plugin and it seeeeems great! Only thing that i would like it to do is not take member to it’s profile page, i would like it to go straight into the mainsite. Any easy solution for that?, thanks!


sohbet odaları
March 27, 2010: 12:46 pm

hello, does this plugin protect RSS feeds and the like? thanks.


almanya chat
March 15, 2010: 7:29 pm

I will post a fix today. Thanks for the catch.

March 4, 2010: 4:47 pm

June 8th, 2007 Angsuman’s Translator Plugin Pro is fully supported on all the latest versions of WordPress viz. WordPress 2.0.x, 2.1.x, 2.2.x Release versions as well as WordPress 2.3 development version.

March 4, 2010: 12:12 pm

tanx see you later

February 24, 2010: 8:55 pm

I like the simple way you break this down for us, thanks alot again!

February 24, 2010: 8:54 pm

That is a great idea and thanks for your post. Its starting to make much more sense now after I’ve been doing the research on my own.

February 24, 2010: 8:18 am

thanks wonderfull!

February 22, 2010: 3:26 pm

Thank You Admin Nice Post

February 19, 2010: 3:42 am

Thanks website.

February 16, 2010: 9:51 pm

hello, does this plugin protect RSS feeds and the like? thanks.

February 16, 2010: 7:11 pm

Thanks for the information. I needed a PW protection.

February 12, 2010: 8:00 pm

Can you fix this?

February 12, 2010: 5:03 am

thanks wonderfull!

February 12, 2010: 4:03 am

thanks for admin…

nice post love

January 30, 2010: 7:52 pm

interesting information thank you

January 2, 2010: 2:29 am

Hi ! there,Thanks for making this great plugin.nice post you made a great thing in this post thanks


sgsenra
December 27, 2009: 9:02 am

hello, I activate your plugin, but when I open the blog, and I put my user name and my password, nothing. Another time the same box, user and password. I register the user in my blog like suscriptor. What is the problem?. Sorry for my English, is terrible

December 5, 2009: 9:17 pm

thank you very nice this post

very good :)))))

December 5, 2009: 4:53 pm

god post thanks very nice.

November 29, 2009: 12:23 am

thanks your sites.

November 26, 2009: 8:51 am

thanks you wonderfull!

November 26, 2009: 8:50 am

[...] Hay ocasiones en que nos puede interesar limitar el acceso al contenido y comentarios en nuestro blog a un grupo determinado de personas. Por ejemplo, deseas que el contenido sea solo accesible a los estudiantes del curso o los participantes de un taller. Con el Angsuman’s Authenticated WordPress Plugin puedes limitar el acceso a solo aquellos que tienen cuenta. El contenido del blog tampoco podrá ser identificado por los motores de búsqueda. [...]


Eva
November 15, 2009: 2:03 am

Hey :) I just installed and activated this plug in on my blog. When someone types in the url of my blog they get the login page indeed. They cannot login, however. Instead of redirecting them to the homepage once they are logged in, it redirects them to the login page o.O

November 5, 2009: 4:23 pm

Wery nice page and document thanks all

September 22, 2009: 9:40 pm

Hey,it’s a nice post.
So great.Good article.


sohbet
September 18, 2009: 7:26 pm

Also, I was curious to see if anyone has found a plugin which allows users to register, but does not send them a password to your site until an admin has checked them over.


Hydraulic valves
September 4, 2009: 1:13 am

great plugin! thanks

August 29, 2009: 12:11 pm

I’d love to see the ability for the RSS feeds to be accessable with a username and password. While I can’t see the RSS feeds of content currently, when I put a wordpress username/password into the RSS reader it connects, but returns an XML error…


TerrorBite
August 11, 2009: 3:58 am

I installed this plugin on my new Wordpress site. Unfortunately it didn’t recognise that a user was logged in and caused an infinite redirect loop as the plugin redirected me to the login page, which detected a logged-in user and redirected me back to the page I was trying to view and thus indirectly back to the plugin.

It seems that the Wordpress USER_COOKIE is deprecated, with AUTH_COOKIE now used instead. Angsuman’s plugin doesn’t check this.

However, as of WP 2, there’s a far easier way to check if a user is logged in.
I fixed the issue by replacing the following horrible conditional:

if ( (!empty($_COOKIE[USER_COOKIE]) && !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) || (empty($_COOKIE[USER_COOKIE])) ) {

with the new Wordpress function is_user_logged_in():

if ( !is_user_logged_in() ) {

The plugin now works perfectly.

July 19, 2009: 6:27 pm

It has been fixed. Please download again.

July 15, 2009: 4:41 pm

Great plugin. Like many users, I’d love to see the ability for the RSS feeds to be accessable with a username and password. While I can’t see the RSS feeds of content currently, when I put a wordpress username/password into the RSS reader it connects, but returns an XML error…

July 8, 2009: 11:54 am

thanks you so much

July 3, 2009: 2:33 am

I will post a fix today. Thanks for the catch..

June 1, 2009: 1:17 pm

I am using your plugin with WordPress 2.5.1. It works fine. When a user logs in from the WordPress Login Screen, is there a way to go directly to the main posts page? I keep going to the Admin Page

May 30, 2009: 11:46 am

I will post a fix today. Thanks for the catch.

May 25, 2009: 12:33 pm

Hey I was testing this code, and if you are not registered, you CAN’T Register. If you log out, and try to register, it wants you to login to be able to access it.

April 25, 2009: 6:42 pm

Plugin sounds great, but I still have the problem that some of you are also facing, that when I install it and try to login it redirects me to the login page again. How can I fix this? Using Safari on an iMac. Would like to redirect to homepage immediately after logging in, not to the dashboard. So, what to do to fix these 2 problems?

February 28, 2009: 1:14 am

Wonderfull plugin thanks


ARCH
February 20, 2009: 6:36 am

hi everyone,

I am having that problem where i cannot login, it just redirects me back to the login.
everyone is talking about changing the plugin’s code, so how do i get to the plugin because i cannot log in?

December 16, 2008: 9:57 pm

This doesn’t seem to work properly with WordPress 2.7.

Does anyone have a fix?

November 20, 2008: 8:54 am

у меня в ридер отдается не полный фид блога, одни заголовки. так и должно быть?.

November 17, 2008: 6:30 am

[...] The easiest and best and the one we are going to look at involves a plugin. A plugin called “Angsuman’s Authenticated WordPress plugin“. This plugin checks to see if the person viewing a Wordpress blog is logged in or not - if [...]

October 27, 2008: 12:09 pm

[...] el plugin Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog podremos hacer que nuestro blog tan solo pueda ser visto por un grupo de personas limitado. Los [...]


Tom
October 20, 2008: 5:11 pm

Hello, I have a problem. I installed this plugin and it seems to work great so far. The only problem is even thoguh I set it to redirect to the main page it redirects to the user dashboard. I need to fix this if anybody has any idea it’d be greatly appreciated!

October 18, 2008: 8:49 am

We do not maintain the free version at this time. However the paid version (Authenticator Pro) is well maintained and runs with all versions of WordPress including but not limited to 2.6.2. Additionally it comes with 6 months of free support and unlimited free updates to ensure compatibility with all future versions of WordPress. Also it allows your various options to restrict access to your feed to feed subscribers only or allow access to all.
Note: The original free version disallows feed access to anyone.

The pro version costs 30$ only. If you would like to purchase it then make a payment via PayPal to sales @ taragana . com and mention the product name Authenticator Plugin Pro. We will process your order latest by one business day.


Tim
October 18, 2008: 7:59 am

when will this be updated to run on 2.6.2

October 5, 2008: 2:19 am

@Angsuman Chakraborty
I’d be happy to purchase this… if you can tell me where I can buy it! My searches for “Authenticator Pro” came up fruitless. Please send me an email if you have time, thank you!

September 25, 2008: 10:09 am

[...] Angsuman’s Authenticated WordPress PluginはWordPressサイト全体にユーザ認証をかけるプラグイン [...]

September 5, 2008: 8:06 pm

@Marcos
We sell Authenticator Pro for 30$ which allows you to password protect your RSS feed in addition to your blog. It has been tested on all recent versions of WordPress.


marcos
September 5, 2008: 7:40 am

Hi, I need to set this plugin so I can make the blog password protected (2.6).
What i need also is to allow the rss feed to be accesible for certain ips
Can you help me with this?

August 16, 2008: 4:45 pm

I’m having trouble with the installation of this plugin with Wordpress 2.6 Attempt to add the username and password will not let me change the radio button and I get errors and warnings:
Warning: array_values () [function.array-values]: The argument should be an array in / mounted-storage/home37a/sub001/sc29674-JTIM/www/tesisple/wp-content/plugins/askapache-password-protect.php On line 462
Warning: Invalid argument supplied for foreach () in / mounted-storage/home37a/sub001/sc29674-JTIM/www/tesisple/wp-content/plugins/askapache-password-protect.php on line 544
Warning: array_values () [function.array-values]: The argument should be an array in / mounted-storage/home37a/sub001/sc29674-JTIM/www/tesisple/wp-content/plugins/askapache-password-protect.php On line 515

Thanks in advance. I need help.


Neil
July 20, 2008: 12:41 pm

Yes - the code with the correct speech marks does work as Frederik said. Everytime wordpress updates this plug-in causes a login problem - is it beign re-written to make it more robust/immune to changes in Wordpress or is it not being maintained at all? Last time I looked I couldn’t find any alternative even though I understood from the Wordpress documentation that you could make a blog private - does anyone know if that is possible by configuring somethign in wordpress or is there another plugin worth trying?


Frederik
July 18, 2008: 2:02 pm

The redirection problem seems to be fixed by using the code from Mike Lanxess and in addition dropping the line
$user = wp_signon();
which is not needed any more.

July 18, 2008: 1:28 pm

If you are a PHP noob, and copy and past Mike Lanxess’ fix, be sure to fix the quotation marks in order to get it to work.

Worked fine once I did this.


Peter
July 18, 2008: 9:47 am

Update:

Instead of using Michael Niessl\’s fix I used this as the replacement code:

global $user_ID;
if (!$user_ID) {

as recommended here:

http://comox.textdrive.com/pipermail/wp-testers/2008-March/006542.html

This solves the NO ACCESS problem BUT it opens straight to the Dashboard, not the members’ front page.

Still, this feels like progress, after a fashion.

(BY THE WAY: sorry about the double post above.)


Peter
July 18, 2008: 9:29 am

Hmmm… I’m wondering what “doesn’t work” means. My story:

1. Upgraded from 2.1.x to 2.6 and on reactivating my plugins experinced a fatal error warning related to Angsuman’s Authenticated WordPress Plugin.

2. Came here and tried Youri’s fix above (using global $pagenow;) and no more errors on activating the plugin BUT couldn’t login.

3. Removed fix from 2 and tried Michael Niessl’s fix from above. Again, no errors BUT still could not login.

4. Went back to the original (unaltered) plugin. Interestingly, no errors this time (ie, no fatal errors on activating the plugin). BUT of course, no site access protection either!

This plugin has been so good we’ve all taken it for granted. Certainly missing it now. We need a fix for this for 2.6 please…. someone?

Thanks


Peter
July 18, 2008: 9:26 am

Hmmm… I’m wondering what “doesn’t work” means. My story:

1. Upgraded from 2.1.x to 2.6 and on reactivating my plugins experinced a fatal error warning related to Angsuman’s Authenticated WordPress Plugin.

2. Came here and tried Youri’s fix above (using global $pagenow;) and no more errors on activating the plugin BUT couldn’t login.

3. Removed fix from 2 and tried Michael Niessl’s fix from above. Again, no errors BUT still could not login.

4. Went back to the original (unaltered) plugin. Interestingly, no errors this time (ie, no fatal errors on activating the plugin). BUT of course, no site access protection either!

This plugin has been so good we’ve all taken it for granted. Certainly missing it now. We need a fix for this for 2.6 please…. someone?

Thanks


Dennis Nagy
July 17, 2008: 9:47 pm

I am using your plugin with WordPress 2.5.1. It works fine. When a user logs in from the WordPress Login Screen, is there a way to go directly to the main posts page? I keep going to the Admin Page.

July 17, 2008: 5:51 am

Got a problem after upgrading to WordPress 2.6. I was able to access the dashboard but not the blog itself. Niessl’s patch worked for me before (WordPress 2.5). It looks to me Julian’s patch has solved the problem. Here is the script that worked for me:

function ac_auth_redirect() {
// Checks if a user is logged in, if not redirects them to the login page
$user = wp_signon();
if ( !is_user_logged_in() ) {
nocache_headers();
header("HTTP/1.1 302 Moved Temporarily");
header('Location: ' . get_settings('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}

if(’wp-login.php’ != $pagenow && ‘wp-register.php’ != $pagenow) add_action(’template_redirect’, ‘ac_auth_redirect’);
?>


Mark Beazley
June 21, 2008: 7:05 am

Michael Niessl’s post from April 3rd, 2008 solved this issue for me. Didn’t try any other hacks. Thanks to all who posted. A helpful spirit is the heart of every successful forum.

June 11, 2008: 1:17 am

Hello,

I try the Michael Niessl code It works perfectly….Thank you Michael Niessl.

June 10, 2008: 2:49 am

HHi,
I have the same problem with Wordpress 2.5.1 do I have to go back to wordpress 2.3.1 ?

June 5, 2008: 10:55 am

Hi,

I tried using Michael Niessl method for my Wordpress 2.5.1, but it did not worked? Can anybody assist me?

May 27, 2008: 12:01 pm

thank you for this great plugin


Ray
April 29, 2008: 4:01 pm

( !is_user_logged_in() ) { Works fine with mozilla 2.0.0.14 internet explorer 7. cheers!

April 24, 2008: 4:42 am

Hallo Angsuman,

Great plugin. But I update my WordPress to 2.5.
Can you update this plugin to 2.5 version?

Best regards,
Andrey


jandry
April 21, 2008: 3:51 am

Julian patch works for me.
Will you update the sources for 2.5 ?


Jorgen Callesen
April 11, 2008: 5:34 am

Dear Angsuman,

This is a very useful plug-in - so I vas very unhappy to find out that it does not work with WordPress 2.5 - is there any updates / fixes on the way.

best wishes and thx again.

Jorgen


Vaska
April 10, 2008: 3:43 pm

Thanks Julian and Michael for both your WP 2.5 fixes. Just remember to add an open curly bracket when using Julian\\\’s code:

if ( !is_user_logged_in() ) {

Lisa, not sure if this helps but I\\\’m using Firefox v2.0.0.13 with Julian\\\’s code, which works okay with my WP 2.5 installation.


Francisco Camargos
April 10, 2008: 1:35 pm

I needed this script badly on WP2.5, so I did some modifications and get it to work.

Here is my modified version, maybe it can be usefull for some of you:
###############################################
function ac_auth_redirect() {
if(!wp_validate_auth_cookie()) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘.get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}

if(’wp-login.php’ != $pagenow && ‘wp-register.php’ != $pagenow) add_action(’template_redirect’, ‘ac_auth_redirect’);


nadia
April 10, 2008: 12:43 am

I used Michael Niessl’s code and it worked!!!

Thanks! :)


JT
April 7, 2008: 10:27 pm

@Lisa (173)

Just tried Julian\’s fix. Works for me too, on both IE and Firefox. Thanks all!


Lisa
April 6, 2008: 2:30 pm

I used Julian’s code and the plugin works fine in Internet Explorer. However, when I try to log in with Mozilla, it says incorrect password. I tried clearing the cache, etc. Anyone else have this problem with Mozilla?


Mike
April 5, 2008: 1:22 pm

Thanks Michael. Worked for me as well.

April 5, 2008: 4:11 am

thanks a lot, works fine for me, too! :)


nepf
April 4, 2008: 12:16 am

thank you, Michael, works fine.

April 3, 2008: 9:42 pm

Michael Niessl\’s code (comment 167) is working for me, as well.

Thanks!

April 3, 2008: 4:45 am

I solved it the same way Julian did, using the is_user_logged_in() function. I would think it\\\’s a better solution to use the built-in WP functionality as well…

The plugin is working perfectly for me now.

Cheers,
Carl-Johan


Michael Niessl
April 3, 2008: 3:31 am

Problems after update to wordpress 2.5.

Hi there. I also encountered that “inifite loop” problem mentioned above. I’m not so deep into wordpress code, but I was able to re-establish all plugin features by replacing

if ( (!empty($_COOKIE[USER_COOKIE]) && !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) || (empty($_COOKIE[USER_COOKIE])) ) {

by

$user = wp_signon();
if ( is_wp_error($user) ) {

Seems to work perfectly the way it should.


Reno
April 2, 2008: 8:39 am

Ok, is good in WP 2.5

Reno

April 2, 2008: 1:32 am

I had the same problem with the infinite loop a while ago, when I was using the unstable version of WP. I fixed it by replacing this line:

if ( (!empty($_COOKIE[USER_COOKIE]) && !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) || (empty($_COOKIE[USER_COOKIE])) )

with this line:

if ( !is_user_logged_in() )

I don’t know if that is strictly correct, but it seems to work fine. Hope that helps.

Cheers
Julian


Ben
April 1, 2008: 12:10 pm

Also not able to use this plugin with WordPress 2.5. Looking forward to a working update!


Vaska
April 1, 2008: 11:41 am

As as possible feature could we allow RSS feeds to be open but all other pages protected? I’m thinking this will allow people a preview of the postings via RSS feeds without needing to login/having an account.

Looking forward to the WP 2.5 fix before upgrading my sites–Thanks!

April 1, 2008: 7:02 am

I think I\\\’ve found a sollution to get the plug-in to work with WP 2.5!

This line of code should be added:
global $pagenow;

If you add this simple line to the plug-in it works fine again. This line should be placed directly under the header-comment.

The complete code should be like this:

The reason why it didn\\\’t work with WP 2.5 is probably because of a change in the global scope of the plug-ins.

If you have any suggestions or comments, please send me an email: evilyouri (at) hotmail (dot) com

April 1, 2008: 4:25 am

Hi, the same here. Cannot access my post after upgrading to WP 2.5. Thanks for any fix you might provide… D.


Whit
March 31, 2008: 11:33 pm

After poking around the 2.5 code, here’s what I came up with for a quick fix…

Simplify the if statement in ac_auth_redirect() to the following:

if ( !wp_validate_auth_cookie() ) {

Works for my purposes.

March 31, 2008: 11:23 pm

We will look into it.


craig
March 31, 2008: 8:04 pm

yeah I had the same “infinite loop” issue with my blog as well. It is possible to reach the admin side of the house–just not the public pages.

Hope someone figures out the problem. This is a great plugin.

March 31, 2008: 8:06 am

Many thanks.

The problem seems to be in the way it redirects once you login. In both Firefox and Safari (in OS X), it produces an infinite loop of redirection that never leads to the blog.

March 30, 2008: 2:35 pm

We will test the plugin on Monday against WordPress 2.5. We will issue an update, if necessary.

March 30, 2008: 8:29 am

Unfortunately, WordPress 2.5 seems to break this plugin. That’s a big problem for me, since I have a site that depends on it.

Does anyone know of a fix? Alternatively, will there be a new version?

Many thanks.


David
February 19, 2008: 3:52 pm

I have been using the plug-in for a while it is perfect. Thanks. Would you know how to establish a whitelist of authorized registrants be their e-mail address after the @? I want to allow registrants to my blog from a specific company.

Thoughts?

DS


Craig
February 10, 2008: 1:58 pm

Also, if you mean “open the feeds” on the free version … How/Where?

Thanks!


Craig
February 10, 2008: 1:46 pm

Hi Angsuman,

Couple of things:

1. URL of page about Paid version of Authenticated Plugin?

2. Pay via PayPal?

3. You state: Alternatively we can open the feeds too. Do you mean on the free version or the paid?

Thanks.
–Craig


stessi02
February 10, 2008: 1:30 pm

Great plugin. Thank you!

I was wondering what you guys use to track logged in users. I tried Wassup but it shows is not easy to read who actually tried to login (unsuccessfully) and who was able to read (i.e. logged in).
Thanks.

February 9, 2008: 6:58 am

Craig,

We have a separate version which allows for password protected feeds, understandable by all feed readers. Alternatively we can open the feeds too.

Please make a payment of 30$ to sales at taragana dot com for a copy.

Best,
Angsuman

February 8, 2008: 7:35 pm

For those of you looking for a way to authenticate Users before they are allowed access to your protected blog … use this plugin: http://www.dealsway.net/2007/09/04/wp-user-moderation/

I have it working on a client’s company blog & it works great with angsumans-authenticated-password-protection plugin.


Craig
February 8, 2008: 7:29 pm

Hi Guys,

This is a great plugin except for the issue of feeds.

Any chance that you are going to change it so it handles feeds … any time soon?

Thanks.

February 8, 2008: 7:25 pm

Jakob,
Put it at the top of your files like this:
<?php ac_auth_redirect(); ?>

February 8, 2008: 5:12 pm

@143: Exactly where do I need to put ‘ac_auth_redirect();’ for the protection of files to work?

February 3, 2008: 2:36 pm

thank you very much for Angsuman’s Authenticated WordPress Plugin!

January 23, 2008: 3:20 am

Great Plugin.

Thanks a lot!


Manele gratis
January 9, 2008: 11:15 am

great plugin man.. do you have more?:D

January 3, 2008: 12:16 am

I got the solution for my problem. Just ned to call this function in my header ‘ac_auth_redirect();’
Thnks anyways.

January 3, 2008: 12:10 am

I got the solution for my problem.Need to call this function in my header:.
Thnks anyways.

January 2, 2008: 7:18 am

Hello,

Thnks for this wonderful plugin.I am using this for my company’s internal blog.Though the plugin works fine for the blog which is ‘n-syst.com/blog’ but it fails to protect other pages like ‘n-syst.com/blog/links.php’.The case is same with uploads. I want to upload files containing confidential information and i cannot put this information post content as it also includes excel files.

Please suggest some solution.

Thnks
Prachi


Jeff
January 1, 2008: 11:51 pm

Is there a way to include a “register” link also? I’d like people to be able to register themselves and then have me be able to approve it (this works in unmodified WP…)

Thanks


Thomas
December 30, 2007: 12:09 pm

If you want to redirect to the blog instead of the admin-panel after login:

- open the file “wp-login.php” in the wp-root
- search the line “$redirect_to = ‘wp-admin/’;”
- delete “wp-admin” (keep the slash)
- save and upload the file “wp-login.php”

Attention: I’m no programmer and I don’t know, if that’s a “legal” solution - but for me it works. Just use this instruction at your own risk.

regards
Thomas


darrell
November 30, 2007: 4:31 am

re (136) i vote for this as well, please!

November 28, 2007: 11:00 am

Hello, great plugin but I wonder if you could make it so that the site is accessible, just not the blog posts. I still want people to see the site and the pages, but I want the posts to require that a user is logged in.

thank you
matt


Ralph
October 8, 2007: 7:58 am

Hello,
Fantastic plug-in, works great!

One question: Is it possible to redirect users directly to the homepage after login, i.e. http://www.yourdomain.com instead of going to the WP dashboard/profile page?

If yes, where should I make that possible in the code?

Thanks already!
Ralph

October 5, 2007: 10:16 am

In WP 2.3 it produces this error message after posting a post which posts successfully.

WordPress database error: [Unknown column 'user_level' in 'where clause']
SELECT ID FROM wp_users WHERE user_level > 0

WordPress database error: [You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '' at line 1]
SELECT post_author, post_title FROM wp_posts WHERE ID =

When is the new version coming out?


Jagtesh
October 5, 2007: 2:33 am

Thanks!! It works wonders!


dennis3484
September 30, 2007: 6:20 pm

Hallo Angsuman,

great plugin. As many others have asked before: Is there any status update on a version that would support authenticated RSS feeds?

Best regards,
Dennis


JOhan Nilsson
September 26, 2007: 12:44 pm

HI,

Your nice plugin has worked for quite some time. Right now I am getting

Warning: Cannot modify header information - headers already sent by (output started at /var/www/web216/html/internal/wp-includes/wp-db.php:160) in /var/www/web216/html/internal/wp-content/plugins/ac_authenticator.php on line 18

If I disable the plugin the webpage is almost 100% OK. I am getting an error at the top, but the rest is OK

WordPress database error: [Table 'usr_web216_2.wp_post2cat' doesn't exist]
SELECT DISTINCT(post_id) FROM wp_post2cat WHERE category_id=2

To make the story complete I did an update to WP 2.3 after the problems occurred.

Any idea on what could be going on here?

September 25, 2007: 1:06 pm

Hi Angsuman,

I used your plugin with a learnerblogs.org blog this summer with no problems; users had to register with learnerblogs and then I had to add them to the blog. I tried the same thing with an edublogs.org blog, and my colleague was able to view the blog with her edublog username and password, but without me adding her to my users. This isn’t enough privacy for this blog - is there any way you can help me?

Thanks, Shona

September 24, 2007: 10:51 am

mk,
It has nothing to with the plugin. You MySQL database is simply down. Please restart it and your problem will be solved.


mk
September 24, 2007: 4:29 am

Hi Angsuman,
This is a wonderful plug-in and did just what I wanted. However, it seemed to hang and I closed the page… I cannot access the blog thereafter. It gives a wordpress error that wordpress cannot connect to the database.
Could you suggest a fix?

Thanks,
mk

September 23, 2007: 11:24 am

This plugin is great. I use for wordpress 2.2.3 and it’s work very well

September 6, 2007: 10:53 am

I have just installed your plugin on a new blog..i’m a beginner…thank you!


bjoern
September 4, 2007: 5:09 pm

Great work, thanks!
Does exactly what i was searching for!


marcus
July 27, 2007: 3:11 pm

kool plugin!

as for the new version: i would like to be able to subscribe to feeds. they are not working in feedreaders like vienna (os x).

browsers are fine though.

thanks!

m


David
July 17, 2007: 5:02 am

very cool plug-in. solved my headache when “privatizing” my blog’s content :) thx for this! d.

July 16, 2007: 4:40 am

I think these blog is really useful for new comers and Excellent resource list.

July 10, 2007: 2:40 am

Thanks! This is a great solution and exactly what I needed. Only blog members can access the blog and blog member management is handled by the administrator. Great!


toby
June 29, 2007: 10:34 am

hi angus,

fantastic plugin but i want to allow anyone to view my site but i have a private diary on there which doesn’t show in the posts or categories (using the category visibility plugin at http://ryowebsite.com/wp-plugins/category-visibility/ ) but you can access it if you know the page/cat number… i want to restrict access to this category only…

any help would be much appreciated…
thanks, toby


Malin
June 13, 2007: 12:19 pm

Hi,
thanks for the great plugin. Not sure if this is already included in the many posts above, but similar like igobypaul and Jason, I was looking for functionality to allow some pages unrestricted. Using combination of WordPress customs field and replacing the code of the function ac_auth_redirect with the code below solved my problem.
*** Modification: In case custom field “ispublic” with value “yes” is added in the post/page, the sites will be accessible for not authenticated users as well. Works however only if the starting /default WordPress page is set up to the unrestricted page.

global $post;
$post_id = $post->ID;
$key = "ispublic";
$single = true;
if(get_post_meta($post_id, $key, $single)!="yes") {
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}


Alex
May 31, 2007: 4:47 am

Very nice plugin.
Thank you for sharing your work. I apprecaite it. No problems here and keep up the wonderful work.

Kind regards,

-Alex


Andi
May 6, 2007: 5:10 am

Hi Folks

I really like your plugin despite the fact that in FF 2.0.0.3 using Wordpress 2.1.3 I can access http://www.url.com/feed/ without having to log in. Can you fix this?

Thanks

April 17, 2007: 4:40 am

Hello,

Just wanted to ask whether there was any status update on a version that would support authenticated RSS feeds?

Many thanks!

Kind regards,


Matt Henderson, MakaluMedia Group
http://makalumedia.com | +34 952 900 776 | +1 404 975 0988

April 12, 2007: 3:03 pm

Hi,

the RSS feed isn’t accessible due to the login page. Maybe change it to HTTP authentication?

J

February 28, 2007: 5:48 pm

This plugin has really helped me out on different occasions. Thank you!


Jason
February 22, 2007: 11:08 pm

Hi- I’m curious about what happens to all of the data collected from users? Does it get saved somewhere? Say I want to export the emails of all the people who have signed up. Is this possible?


Joe
January 29, 2007: 4:45 pm

GREAT plugin! I would LOVE for the next, more controllable version to come out soon. I want my feed to be able to be public, but my site to not be viewable to anyone that doesn’t have a wordpress login.

I’d also love a way to approve newly registered users — a sort of “apply for membership” process.

Thanks!

January 26, 2007: 9:23 am

It works with WordPress 2.1.


Justin
January 25, 2007: 8:39 am

Any chance of getting this working with wordpress 2.1?

January 25, 2007: 12:37 am

Exactly what I was looking for to set up a private sandbox area. Thanks for the excellent work. I’ve never had a problem with your plugins.

January 20, 2007: 11:43 am

This is a great plugin — thanks. however, I’m having the same problem as fred, john, and ellis. I’m running version 1.5.2? Will upgrading to 2.0 help? Any word on the new version of the plugin?

Thanks again,

Cameron

January 17, 2007: 11:03 am

[...] Translator Plugin Pro 4.0 supports translation even for password protected blogs. Translator 4.0 can translate even password protected blogs and pages, accessing the documents with the same privilege as the requester. You can, for example, use Authenticated User plugin to password protect your blog and yet Translator Pro will be able to translate pages for priviledged users (who has the permission to access the blog). [...]


stephen
January 2, 2007: 8:14 am

thank you sooo much! I’ve been looking for something like this.

Works great!

December 14, 2006: 6:52 am

[...] La seule nuance étant que j’ai du limité l’accés aux seuls employés de la société. J’ai donc utilisé le plugin d’Angsuman qui permet de restreindre l’accés au blog aux seules personnes enregistrées, puis modifier un peu la page d’enregistrement pour ne la rendre accessible qu’aux personnes possédant un email de la société cliente : [...]


erroorr
December 9, 2006: 7:15 pm

Hi thanks for the great work and i was thinking of:

what if there are private and public users.the private users can read all the comment and blogs but the public user can read blogs and only the public comments

I sorta need it so i thought you might wanna added to the next version its great to have it .

thanks again

December 8, 2006: 6:58 pm

[...] Ein nettes kleines Plugin, mit dem man verhindern kann das Dritte auf dem Blog Einträge lesen können. Um Beiträge zu lesen, muss ein User mit Password existieren mit dem sich die Person einloggen muss. Erst dann ist es möglich Einträge auf dem Blog zu lesen. Irgenwie ganz nützlich, ausserdem schwer zu googeln! [...]

November 20, 2006: 12:02 am

[...] I checked the plugins database, and sure enough, someone had already created a plugin that makes any existing WordPress blog private.  I had it up and running in ten minutes, and now, anyone who would like to create an account over at About The Baby can do so, and I’ll know about it immediately.  Any hacker sorts who want to pound on it or tell me where the security holes are, please be my guest. [...]

November 14, 2006: 1:21 am

We are working on a much better version of the plugin. We plan to release it in the first week of December.

November 13, 2006: 6:20 pm

Fantastic plugin, many thanks.

November 1, 2006: 3:53 pm

[...] Anyway, these novel logs (and other writings) won’t be public and will be for special interested, so most of the site will be for logged in users only. I’ve used Angsuman’s Authenticated WordPress Plugin for this purpose together with the “hide this site from the nasty robots” option that comes with WPMU. [...]

October 28, 2006: 1:12 am

[...] wer also sensible informationen hat, nur eine feste leserschaft (verein? firma?) wünscht, sollte sich einmal das “authenticated wordpress plugin” ansehen. [...]

October 20, 2006: 10:29 pm

[...] I knew there was a way to do this with WP… I didn’t want to have to use a forum software as the CMS for this functionality, because, the actual forum aspect would have been superfluous… don’t add more than you need seems to be a good policy……. anyway, my pal Kichus pointed me in this plug-in direction….. thanks Kichus… kf [...]

October 19, 2006: 3:55 am

[...] Wer sein Blog abschotten will, dem hilft das Angsuman’s Authenticated WordPress Plugin. Damit ist nur ausgewählten Gäste der Zugang und das Lesen im Blog möglich. [...]

October 17, 2006: 12:39 am

@Scott,

We will be supporting it in the next version.

October 16, 2006: 2:09 pm

Great plugin - thanks!

October 6, 2006: 3:09 am

[...] Install Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog [...]


dom
October 3, 2006: 10:26 am

really looking forward to the new version.
thanks a lot for your work!

dom


scott
September 28, 2006: 2:21 pm

People can still click the ‘register’ link and access the site. Can I just take off the ‘register’ link from the page?

I want to make this a paid membership blog where I manually create each user.

Thanks,

Scott….

September 26, 2006: 4:18 pm

[...] I think this blog is a helpful way to discuss ideas. For example, today we’re talking about the photo shoot: what we learned, what we would do differently, etc. This seems much better than a long, chopped-up email, and it’s permanent. I can see value in having an internal blog. (Also, with a download and a few clicks, we could password-protect this blog and seal it off.) [...]

September 24, 2006: 5:13 am

I have just installed your plugin on a new blog I am doing and first - thank you!

II ave a question, though - My feed reader (netnewswire) does not pull the posts even though I have the correct password …

I click on the RSS button in Safari, the feed gets added, but no posts appear.

… I have no doubt that this is user error- any thoughts on what I am doing wrong?

Again, thank you. Without this plugin, I wouldn’t have been able to have published my new blog.

–Jim


romaba
September 23, 2006: 12:10 pm

thank you very much for Angsuman’s Authenticated WordPress Plugin

September 15, 2006: 6:52 am

[...] We are working on a new version of Authenticated plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com. We will provide several features and granularity in the functioning of this plugin. All the reported issues with the previous version will be solved. It will be a galaxy apart in terms of functionality over the Authenticated plugin. It will be targeted for WordPress 2.x blogs. [...]

September 15, 2006: 6:45 am

We will provide it in the new version. We are working on a new version of this plugin. Please let me know the features you would like in the comments or email it to me at angsuman[at]taragana[dot]com.

September 15, 2006: 2:40 am

I agree with Mathijs. It would be awesome if you could use this plugin to make only certain sections/post/pages inaccessible to unregistered users, instead of the entire blog.

September 7, 2006: 3:11 pm

[...] Heute habe ich ein neues Wordpress-Plugin entdeckt: Angsuman’s Authenticated Wordpress Plugin. [...]

August 25, 2006: 12:44 pm

[...] Got another optional WordPress plugin for you to try this morning: Angsuman’s Authenticated WordPress Plugin [...]

August 24, 2006: 11:10 pm

Hi,

Is there a quick extra check you can do to say everything but the main page (the one that list the most recent entries)?

It’s probably because I’m not familiar with the API, but I would assume it’s just a “&&” to this line?

if('wp-login.php' != $pagenow && 'wp-register.php' != $pagenow) add_action('template_redirect', 'ac_auth_redirect');

Regards,
Steph


XTinitus
August 5, 2006: 7:35 am

Ce script est tout à fait génial. Merci beaucoup pour cet apport à WP. Il fonctionne bien avec tous les navigateurs sur Mac.

July 24, 2006: 9:42 pm

[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog -Simple Thoughts - Java and Web Technology Blog (tags: Wordpress plugin password authentication) [...]


ChrisDKK
July 24, 2006: 8:54 am

I’ve having trouble, similar to dafebe’s.

If I goto

https://domain.com/blog/wp-login.php

it logs me into the wp admin panel without any problems

but if I goto

https://domain.com/blog

it changes the url to

https://domain.com/blog/wp-login.php?redirect_to=%252Fblog%252F

if I log in using that url I (obviously) get the message

The requested URL /blog/2Fblog2F was not found on this server.

Any ideas?

July 21, 2006: 6:53 pm

Hi Angsuman,

Would it be possible to do something with the plugin so that it can protect a certain area of the site instead of the whole blog?

I’d like most of the site to be public exept for one restricted area where people need to be logged in to access it.

Even better would be something where i would have a public area, a restricted area and parts within the restricted area that would be accessable by certain users.

For example, let’s say i want a blog for a school. The blog is viewable to everyone without logging in exept for one restricted area. That area is accessible for registered students / teachers / parents. Some of the parts can be viewed by teachers but not by students, some of the parts can be viewed by students but not by regular visitors. Something like that.

I think the last thing would be very hard to create. But perhaps the first thing would be a nice idea. I think a lot of people would be interested in that. A few normal pages for everyone and a restricted area for the registered users.


Gemme
July 13, 2006: 2:42 am

Looking forward to the Pro Plugin. How soon is soon:)

I run into the same issue as others that after logging in the visitor is re-directed to the profile page instead of the posts. I hope the Pro version will help in this case.

Actually, if possible I would like an option that access of a logged in user to be totally limited to reading posts and have no other rights at all (or only of seeing his profile) so he won’t be bothered with all the rest of the dashboard which is of no use to the user anyway.

Anyway, the plugin is really great already and I am looking forward to future versions. Thanks

July 9, 2006: 11:23 am

I will have a pro version of this plugin soon.

July 9, 2006: 7:29 am

Tell them to clear the browser cache and try again.


Mike
July 9, 2006: 5:41 am

Thanks for a great plugin. But I have one problem - I run a site that only my family sees - trouble is - some of them can’t login - it just doesn’t seem to work! I have fully tested it on several computers and it works fine - but I don’t have access to theirs - could it be a firewall issue?


pdi
July 1, 2006: 12:14 am

One difficulty I can’t resolve: if /blog is protected by the plugin then /blog/file.zip or /blog/anydir/file.zip are not, and if one types the address one can quite happily download the file without any authentication. Is there a way to protect such a file from download?

June 28, 2006: 8:12 am

[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog -Simple Thoughts - Java and Web Technology Blog (tags: Wordpress plugin password authentication) [...]

June 26, 2006: 7:32 pm

嘿,大家好,有做网站的吗?推荐一个虚拟主机服务商,提供高品质的虚拟主机服务,不容错过哟.
——-
环球万维(http://www.netinter.cn),专业虚拟主机域名注册、服务器租用服务商!20项虚拟主机领先管理功能,系统全自主开发。强劲的技术实力,贴心的客户服务。是企业上网,个人建站的首选网站空间提供商,优惠价100元起

June 21, 2006: 4:22 pm

I’m dealing with the same types of things as Lisbeth & Jordon.

When we login, we are sometimes directed to the profile page, and sometimes the website. I have cleared my cookies and still have the same problem.

I’d really rather have them go to the website right off the bat. Is there somewhere I can specify a certain page to be redirected to?

Thanks!


jordon
June 15, 2006: 9:06 pm

if i log in as admin, i’m redirected to the admin page. if i click on “view site,” i stay on the same page. if someone registers, he or she is directed to the profile page. when an attempt is made to click on “view site,” the user is stuck on the profile page. any ideas? thank you.

June 15, 2006: 3:30 pm

Try clearing your cookies.


Lisbeth
June 15, 2006: 1:40 pm

Great plugin, thanks. I’m using our blog as a resource site for sales reps, so it’s a perfect solution to keeping confidential info under wraps.

I’m concerned, however, because after logging in, somtimes I’m directed to the blog, and sometimes to the admin panel (but I can’t figure a way to replicate one result or the other. This seems to be happening to me in both Firefox and IE). I think this is the same problem Fred was having, but I can’t tell from the comments what the solution was.

I’ve looked at the plugin code, but I don’t know enough to figure out where or how to fix this. Any ideas?


papastreets
June 13, 2006: 8:19 pm

Blee: that parse error on line 14 is probably because the strange quotes were converted to invalid code when you copy pasted. Make sure all the quotes are corrected after pasting. works fine for me.

June 4, 2006: 10:43 am

[...] Wordpress � unanimidade em solu��o para blog. H� uns tr�s anos, quando comecei minha vida blogger, eu mesmo escrevia um pequeno gerenciador de not�cias, mas isso n�o se mostrou t�o eficiente. Depois disso, adotei o AJ-Fork, mas esse tamb�m n�o se mostrou t�o eficiente. Adotei o Wordpress e agora relato alguns plugins bastantes interessantes, que uso aqui, ou na extranet da empresa (sim, aonde trabalho estamos desenvolvendo uma extranet). Browser Sniff: exibe informa��es de browser e sistema operacional de quem comenta. A Different Monthly Archive Script: exibe o arquivo de posts em forma de tabela. PHP Highlighter: colore a sintaxe de scripts PHP Quote from TXT: Frases aleat�rias de um TXT no blog Subscribe to comments: Adiciona um campo no formul�rio de coment�rios que permite acompanhar as discuss�es por email IP2Nation: Exibe o pa�s de quem comenta Weighted Categories: Exibe as categorias do blog em formato tagcloud, ou seja, categorias com mais posts em maior tamanho de fonte Angsuman�s Authenticated: Restringe o acesso ao WordPress apenas a usu�rios cadastrados. Live Search: busca estilo Google Suggest AdSense-Deluxe: plugin para melhor gerenciamento do Adsense Publicado em 04/06/2006Tagcloud: php, wordpress var oldtitle = document.title; document.title = ‘leonardofaria.net // weblab // Top plugins para Wordpress’; [...]

May 23, 2006: 1:49 am

Thank you for a great plug-in.

I also required an approval system for each new user - so I can reject unapproved users before they get to view the site.

I found a simple system that did this

Can you include this function in your plugin?

thanks again for a great plug-in.


Dave Coe
May 22, 2006: 3:21 am

Iim looking at your plugin and it looks great but do you have a version that does the following:?

The user can view the blog as a ‘guest’ but only see say 30 words (a variable that can be changed by admin). The user has to click on the 30 words (a link) to see the full artical, then the username/password screen appears. If the username and password are correct they can see the full artical.

This is a feature that i urgently need. Any Help?

May 18, 2006: 1:04 pm

[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog -Simple Thoughts - Java and Web Technology Blog Du kan velge om du vil kun la registrerte brukere lese bloggen din, eller om du vil totalbeskytte den helt ved å skru av registrering. [...]


Blee
May 18, 2006: 4:05 am

Hmm. It gives me a parse error on line 14…

May 17, 2006: 8:06 am

The code was chopped up a bit when I posted. All you really have to do is change the function in the ac_authenticator.php plugin file.

From:
function ac_auth_redirect() {
// Checks if a user is logged in, if not redirects them to the login page
if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();
header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();
}
}

To:
function ac_auth_redirect() {
// Checks if a user is logged in, if not redirects them to the login page
$dd_thispage = "http://www.yourblog.com". $_SERVER["REQUEST_URI"];
//echo $dd_thispage . “”;
$dd_test = get_bloginfo(’rss2_url’);
//echo $dd_test;

if ($dd_thispage != $dd_test){

if ( ( !empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();

header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();

}
}
}

Hopefully that code didn’t get chopped up. I’m still testing it, but I think it works. Anyway, it is a start to the dialog about how to set authentication conditionally for specific urls. Byt the way, this code only frees up the main feed for your blog (blog.com/feed) and assumes that you have friendly urls turned on.

In order for the code to work on your blog, you must edit this line to include your base url:
$dd_thispage = "http://www.yourblog.com". $_SERVER["REQUEST_URI"];

Let me know if you have other questions.


Blee
May 17, 2006: 5:23 am

Thanks, Harvey!
Forgive my ignorant question, but where does this code go?

May 16, 2006: 8:23 pm

I modified this plugin to allow a preview of content via the RSS feed but to block access without logging in. This will allow members to receive updates via RSS regarding new content without violating privacy. I will only include a summary (or nothing other than a title) in the RSS feed.

While this doesn’t fix the problem of allowing authenticated users access to RSS feeds, it does mitigate it somewhate. The code is rough and may or may not work depending on your server configuration:

";
$dd_test = get_bloginfo('rss2_url');
//echo $dd_test;

if ($dd_thispage != $dd_test){

if ( ( !empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();

header(”HTTP/1.1 302 Moved Temporarily”);
header(’Location: ‘ . get_settings(’siteurl’) . ‘/wp-login.php?redirect_to=’ . urlencode($_SERVER['REQUEST_URI']));
header(”Status: 302 Moved Temporarily”);
exit();

}
}
}
if(’wp-login.php’ != $pagenow && ‘wp-register.php’ != $pagenow) add_action(’template_redirect’, ‘ac_auth_redirect’);

?>

May 1, 2006: 6:05 am

[...] Page du plugin sur le site de l’Auteur [...]

March 30, 2006: 12:01 am

Thanks for yje tips.


Jim
March 27, 2006: 5:55 pm

I encountered some errors, similar to those noted by other commentors. I made the following changes to the plugin and it now seems to work in WordPress 1.5.2.

change


if ( (!empty($_COOKIE[USER_COOKIE]) &&
!wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
(empty($_COOKIE[USER_COOKIE])) ) {
nocache_headers();

to


if ( (!empty($_COOKIE['wordpressuser_' . COOKIEHASH]) &&
!wp_login($_COOKIE['wordpressuser_' . COOKIEHASH], $_COOKIE['wordpresspass_' . COOKIEHASH], true)) ||
(empty($_COOKIE['wordpressuser_' . COOKIEHASH])) ) {
//nocache_headers();


cesar
March 18, 2006: 11:13 pm

I’m getting the same error many have posted here.

“Fatal error: Call to undefined function: nocache_headers() in … /Blog/wp-content/plugins/ac_authenticator.php on line 17″ error.

Can you please post a resolutions to this?

thank you.


Tom
March 11, 2006: 4:40 pm

Hi,

GREAT PLUGIN!

I have one problem. When you try to use try to view individual files within the wordpress dirrectory, they are visible without a password (example: http://yoursite.com/wordpress/photo1.jpg). Is there a way to fix this? Would modifying your .htacess file hep? How would you go about doing this?

Also, I was curious to see if anyone has found a plugin which allows users to register, but does not send them a password to your site until an admin has checked them over.

Thanks for your support!!

March 10, 2006: 8:29 am

Hello,

This looks great… but I can’t get it to work on WP1.5 - I’m getting the “Fatal error: Call to undefined function: nocache_headers() in … /Blog/wp-content/plugins/ac_authenticator.php on line 17″ error.

Can this be fixed?

If I comment out nocache_headers then I can’t view my blog at all :-(

Look forward to getting this working!

Cheers,

James


Bryan W
March 9, 2006: 3:22 pm

I thought this was fixed, but I guess not because I just installed the plugin, and it works great minus one glitch……you can’t register. White screen.

March 8, 2006: 4:35 pm

Hi, great plugin! A solution for the RSS-issues would be very appreciated. I want to share RSS only with registered users.

Thanks


Tom
March 7, 2006: 5:39 pm

I am running into the same issue as Elis, Fred and John… I have WP 1.5.2 installed on Unix and had to comment out nocache_headers(). Any ideas as to how this can be fixed?


elis
March 4, 2006: 12:44 am

Angsuman, I have the same problem of Fred and John, my blog is protected but i can’t see the main page of the blog… i only can see the wp-admin/ page!… do you have a solution?!

Thanks!, elisa

March 2, 2006: 4:50 am

I hate to make promises I cannot keep. I will try my best to make it available as early as possible.

March 2, 2006: 1:16 am

Angsuman,

could you tell us when approximately a new version of the plugin will be available. a version which would allow users to subsribe to RSS/Atom feeds.

Thanks ;)


John
February 22, 2006: 4:44 pm

Hi. I’m having a same or similar problem as reported by Fred above. When I login, it automatically redirects to the dashboard or profile page. When I click on the “view site” link, it redirects once again to the /wp-admin/ directory. I’m running WP 1.5 on FreeBSD.

Any ideas for a solution?

Thanks.

February 22, 2006: 12:31 pm

A simpler solution for you would be to rename the wp-rss2.php file and similarly change the name wherever it is referenced in code. This is called security by obscurity :)

February 22, 2006: 12:29 pm

I can add that easily to the plugin.
Alternatively you can use .htaccess. But then you will have to manually manage the access to your blog. Also it is more complicated than the plugin way.


Kevin
February 22, 2006: 11:08 am

Let me clarify. The feed link on the WP page does require a password to use. But, a user can manually type in the exact URL of the wp-rss2.php file and read the feed without using a password. I guess the question is, “How do I completely protect the feed to prevent this type of access?” Maybe .htaccess restriction?


Kevin
February 22, 2006: 2:03 am

I am running WP 2.0.1 The password protection works for the site, but the feeds are not protected. Any idea why the feeds are still wide open?

February 21, 2006: 12:03 pm

Please send it to angsuman[at]taragana[dot]com


Fred
February 21, 2006: 8:38 am

yes, a user (guest) was created with a password. the login worked, off the wordpress login page, and was directed to a tabbed profile page in wp-admin. the “view site” link then led to the admin home page in wp-admin rather than the site home page. for now url is private - will gladly provide via email. many thanks.


fred
February 21, 2006: 8:26 am

yahoo.com - sorry.


Fred
February 21, 2006: 8:25 am

yes, thank you. i did create “guest” as a user with a password. the entry worked but “guest” was redirected into a profile page with tab in wp-admin and clicked through to the wp-admin home page from “view site.” please email me and i’ll be happy to provide the url, which is private. thanks.

February 21, 2006: 4:01 am

Please provide me the site url.
Is guest a created user?


Fred
February 21, 2006: 1:46 am

i’m using wordpress on bluehost (if that matters)

installed the plug-in per instructions and it gave me the same error message as michelle on line 17

commented out the nocache_headers() line (forgive my illiteracy, used // in front of the line to comment out, fyi)

the plug-in seemed to work but upon login as a guest redirected to a profile update within wp-admin and wouldn’t click through to the site.

any thoughts or help would be very much appreciated.

thank you.

February 18, 2006: 8:29 am

I’m using WP 2.0.1

February 18, 2006: 12:49 am

Which version of WordPress are you using?

February 17, 2006: 5:22 pm

Hey, I just downloaded this today and was trying to get it to work, but it doesn’t redirect to the log-in page for some reason. The only thing it does is give a blank page with this on it:

Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\wwwroot\mt\quietindweller\index.php:2) in C:\Inetpub\wwwroot\mt\quietindweller\wp-content\plugins\ac_authenticator.php on line 18

Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\wwwroot\mt\quietindweller\index.php:2) in C:\Inetpub\wwwroot\mt\quietindweller\wp-content\plugins\ac_authenticator.php on line 19

Warning: Cannot modify header information - headers already sent by (output started at C:\Inetpub\wwwroot\mt\quietindweller\index.php:2) in C:\Inetpub\wwwroot\mt\quietindweller\wp-content\plugins\ac_authenticator.php on line 20

If you can help; I’d appreciate it very much.


Tom
February 14, 2006: 9:57 pm

Great plugin. Like many users, I’d love to see the ability for the RSS feeds to be accessable with a username and password. While I can’t see the RSS feeds of content currently, when I put a wordpress username/password into the RSS reader it connects, but returns an XML error…


mike
February 11, 2006: 7:54 am

hi

a couple of questions - the plugin looked ideal for what i need. I downloaded and activated it. now when I go to the blog i just see a white page in the browser - no errors just a white screen. So I read a little further in this posts comments and you mention that you have a selectable content protection plugin. Can you advise/point me in the right direction on either of these please.

with kind regards

Mike


Gerry
February 8, 2006: 11:44 am

I am also interested in registered users being able to get RSS feeds. My newsreader NetNewsWire does have a place for authentication info, but it does not get past your protection. Is there any mechanism for getting the RSS feeds right now?

Thanks

Gerry


dafebe
February 2, 2006: 4:51 pm

TNX man!!!
this error there is only for admin

here you can downlod it
http://mvdkwast.free.fr/stilglog/files/coppermine-3.9.zip

and I think the file that give error is into coppermine-3.9\cpg\1.4x

very very TNX!!!!

February 2, 2006: 8:22 am

Like “igobypaul” I am also interested in a plug-in similar to this that allows you to configure what is restricted. I need something more flexible than the all-or-nothing approach.

Any suggestions, links?

Thanks,

- jason

February 2, 2006: 8:20 am

@macsou
You can comment out/delete that line.

@dafebe
Apparently coppermine alters some global variable in its plugin. I would have to look into the copermine coded to determine what they are exactly doing.


Michelle
February 1, 2006: 3:47 pm

HI
I am using wordpress 1.5.2 and when using the following plugin I get the following error.

Fatal error: Call to undefined function: nocache_headers() in /fpgs/fpgshttpd/sunshine/wp-content/plugins/ac_authenticator.php on line 17

Is there any other way to fix this? Or is there a download for a previous version or something?

Thanks


dafebe
February 1, 2006: 2:28 pm

HI i have this problem.
I active the plugin and it’s all ok.
I’m not logged and he ask me to loggin
http://www.mywebsit.com/blog/wp-login.php?redirect_to=%2Fblog%2F
I try to connect but it answer me error. The redirect creates an error.

I have my websit in http://www.mywebsite.com/blog and it redirect me on http://www.mywebsite.com/blog//blog/

it redirect me to
http://www.mywebsite.com/gallery/wp-login.php?user=2&session= … e&referrer=http://www.mywebsite.com/blog//blog/

I have copperime 3.9 activated if deactive it all work
http://mvdkwast.free.fr/stilglog/index.php/wordpress-plugins/coppermine-plugin/

What I can Do?
help me please.


igobypaul
February 1, 2006: 7:26 am

This new version workes fine - I don’t get “200 OK” message any more. Thank you very much for this plugin.

I’m also interested in using the plugin that allows control over what I want to be protected.


macsou
January 29, 2006: 1:41 am

Hey,

Can’t use the plug-in.
I get trouble with this message :

Fatal error: Call to undefined function: nocache_headers() in … /Blog/wp-content/plugins/ac_authenticator.php on line 17

Can you help me ?
Thanks
A+++++++++++

January 26, 2006: 12:09 pm

wow! that would be great! when do you think it’s going to be available for public use?

January 26, 2006: 8:13 am

Andrius,

I have a version in testing which allows fine-grained control over what you want under password protection. That should solve your problem.

January 26, 2006: 1:30 am

Hey.
thanks for a great plugin. I am using it for our companie’s internal blog. unfortunately, i cannot get my feeds working after installing the plugin. feeds in firefox are working just fine, but neither bloglines nor feedreader can find a feed (even if I point them to direct url of the feed). i think it has something to do with password protection. How do i solve this?

January 24, 2006: 11:08 pm

Ben & others (facing the intermediate page issue),

The problem has been fixed as per suggestions by an user (details in the article). Please update your version and let me know.

Best,
Angsuman

January 23, 2006: 8:52 am

Ben & others,
I have been hearing this complaint sporadically. However I couldn’t reproduce it any of my test installations on windows NT or Linux.

If any of you would be kind enough to give me full access to a test blog (for a limited time) where the problem is happening, then I can look into debugging it.

Thanks,
Angsuman


Ben
January 21, 2006: 9:24 pm

I’m having the same problem as Teresa. The redirect doesn’t work on my Mac with Safari or FF 1.5 - don’t know about IE (don’t care).

Thanks.

January 20, 2006: 3:41 pm

Hi,

Thanks for making this great plugin. One question: Is there a way I can get it to redirect straight to the login page *without* the screen that says “this document has been moved”?

Thanks again.


Teresa Lo
January 16, 2006: 1:08 pm

Sorry - It happens with FireFox 1.5 Beta 2. Redirect works just fine with IE.

Thanks!


Teresa Lo
January 16, 2006: 12:35 pm

I have a quick question. I see that your demo does the redirect so that it automatically lands on the WordPress logon.

For some reason, mine does not. See http://powerswings.com/atwork/

What should I do?

Thanks!

January 10, 2006: 11:19 am

It is supposed to re-direct. Check for a demonstration on http://test.taragana.net/

Can you check again after disabling all your other plugins. Let me know if that helps.

Have you made any modifications to core WP installation at all?


Mike Boutté
January 10, 2006: 10:42 am

I have installled the plug in and it works great! Thanks so much. One thing - is it supposed to not re-direct when you hit the blog page if you’re not logged in?
For example - http://www.fearthepaint.com - is thaat the way it works? Or is something screwy with my server?

January 6, 2006: 8:43 am

Hi this is actually just a stupid ass guestion. If someone has fast solution please tell me. So I use this plugin and it seeeeems great! Only thing that i would like it to do is not take member to it’s profile page, i would like it to go straight into the mainsite. Any easy solution for that?, thanks!

January 2, 2006: 2:10 am

[...] Angsuman released his Authenticated WordPress Plugin to “make your blog accessible only to logged in users.” [...]


Tin
December 30, 2005: 5:06 am

hello, does this plugin protect RSS feeds and the like? thanks.

December 30, 2005: 2:46 am

It has been fixed. Please download again.

December 29, 2005: 10:12 pm

I will post a fix today. Thanks for the catch.


Wordpress2.0
December 29, 2005: 5:04 pm

Hey I was testing this code, and if you are not registered, you CAN’T Register. If you log out, and try to register, it wants you to login to be able to access it.

Can you fix this?

December 28, 2005: 11:11 pm

[...]   Password Protection,让你的blog只有注册/登陆后的用户才可以访问。 [...]

December 27, 2005: 3:37 pm

[...] Hay ocasiones en que nos puede interesar limitar el acceso al contenido y comentarios en nuestro blog a un grupo determinado de personas. Por ejemplo, deseas que el contenido sea solo accesible a los estudiantes del curso o los participantes de un taller. Con el Angsuman’s Authenticated WordPress Plugin puedes limitar el acceso a solo aquellos que tienen cuenta. El contenido del blog tampoco podrá ser identificado por los motores de búsqueda. [...]

December 27, 2005: 1:43 pm

[...] Angsuman’s Authenticated WordPress Plugin - Password Protection for Your WordPress Blog [...]

YOUR VIEW POINT
NAME : (REQUIRED)
MAIL : (REQUIRED)
will not be displayed
WEBSITE : (OPTIONAL)
YOUR
COMMENT :