Your Complete Guide: Password Protect WordPress Site
February 25. 2020
Most of the time, you want as many people as possible on your website. To achieve this, you make your content public, you work on your SEO, you promote everything you publish, you develop different strategies to entice people to visit your website and stay on it, you pay WP professionals to maintain your website for you, and just generally do everything you can to make sure your content reaches as wide of an audience as possible. But there are some cases where you’d rather know how to password protect a WordPress site. Perhaps you only want certain people to access your website. Or maybe it’s just some content that you want to keep private and protected. Either way, this is your complete guide on how to achieve that!
How to password protect WordPress site in its entirety
When you want to password protect a WordPress site, one option you have is to put the entire website under lock and key. If you do this, anyone who tries to access your WP website will need to type in a password that you decide on before they can see any content. This may seem like a pretty drastic measure that’s counterintuitive to most efforts of website maintenance. But it’s a great way to protect sensitive content or keep your users to trusted individuals only. Besides, password protection creates a certain sense of exclusivity. If you have a secondary website where you post content for subscribers only, you can password protect it and email your subscribers the password so only they can access the extra content. This can be a part of your marketing strategy.
In order to do any of this, you’ll need a third-party plugin. The most popular one at the moment is Password Protected by Ben Huson (available on WordPress.org). Download and activate it like you would any other plugin. Then navigate to Settings>Password Protected. You’ll need to configure the following settings:
- Password Protected Status: tick to enable to password protection of your website
- Protected Permissions: tick the box next to the category of those you want to exclude from needing a password (if you want)
- New Password: select and enter the password your users will use to access the website
- Allow IP Addresses: enter the IP addresses you want to exclude from needing a password (if any)
Remember to save your changes! Once you do, your website will be password protected. Instead of your homepage, visitors will see a page similar to the login page where they will need to enter the password to gain access.
How to password protect WordPress site categories
But let’s say that you don’t want to make your entire website private. Maybe there’s some content on it that you do want everyone to see and some content on it that you don’t want to share. There is, of course, an alternative to password protecting your whole WP site: you can restrict only select categories instead. This means that most of your websites will be accessible to everyone. But you can choose certain types of content that people need a password to access. This assumes you have a good grasp on categories, tags and other forms of content grouping in WP as well as use it consistently on your own WP site.
Once again, you will need a plugin to do this. The most popular choice here is Access Category Password. Once you install and activate it, navigate to Settings>Access Category Password. The settings you need to configure are:
- Password: set up the password people will need to enter to access restricted content
- Impacted categories: select which of your current categories you want to protect with a password
- Granting users: check the box next to the user roles you want to exclude from needing a password (if any)
- Only single post: only check this box if you want the posting page itself to be restricted but to show up in your archives and on your homepage
- Info message: choose the message users will see when asked for a password to enter protected content
Finally, remember to save your changes!
How to password protect individual posts
Occasionally, you will face a situation where you don’t want to password protect WordPress site in its entirety or even in part, but you do have a specific post that you don’t want to share with everyone. Maybe this is content that you don’t normally post and are just looking for the reactions and comments from certain people. Maybe the post is intended only for certain users. Or maybe it’s internal content, a test post, something that your users shouldn’t see. You’ll probably want to discourage search engines from indexing those posts as well.
Password protecting individual posts is easy. It’s a built-in feature of WordPress itself so you don’t need a plugin for it. While editing or publishing the post, look to the right-hand side. Under the publishing options, you’ll have the option to change the visibility of the post. Instead of public, set it to “Password protected” and choose a password for access.
How to password protect a certain part of otherwise public content
Finally, there are times when the point isn’t to password protect WordPress site, a portion of it or even a whole post but rather one specific section of content within an otherwise public post. You can do this with Passster, a plugin available on WordPress.org. Like always, start by installing and activating the plugin. Then navigate to Settings>Passster. Passster will have an automatically generated password for you but you can also select your own by clicking on “Add your shortcode password”. If you’re using your own password, you must click on “Save changes” before you copy the code. Then copy the shortcode that Passster generates for you and replace the “Your content here” within it with the content you want to protect with a password. Instead of the content within the shortcode, your users will see a blue box that asks for a password before showing it.