Why You May Want to Password Protect Your WordPress Site
It may seem counterintuitive, but there will be times when you need to restrict access to the content on your WordPress site. You can do this through a variety of means. You can make a page private. You can set your site to “noindex”. You can also create landing pages that only select individuals are given a link to.
But did you know you can also password protect content on your WordPress site?
It may seem excessive to add password protection to WordPress if there are other ways to mask content on your site, but this option will come in handy under certain circumstances. Let’s take a look at what those are as well as a few of the ways in which you can password protect different parts of your WordPress site.
9 Reasons You Might Want to Password Protect a WordPress Site
You might be thinking, “What’s the point in developing WordPress sites if we’re just going to hide them from public view?” Well, I can give you a number of reasons why WordPress developers would want to do this:
I once had a client who developed a really innovative piece of technology. However, he was in the process of securing a patent for it, so he wanted to password protect his site until it went through.
Now, the reason he didn’t just set the site to private or wait to have it built until the patent was secured was simple: he needed to be able to educate possible investors on his invention and a website was the best way to do it. So, once they signed an NDA, he could grant them a temporary password that gave them 24-hour access to explore the site.
While you might not run into this often or at all as a WordPress professional, people who create websites for personal reasons or a highly contained audience may want it to be totally exclusive to that group. Think of like a site built for friends or family to gather, share pictures, and communicate.
3. Paid Privilege
This is basically when you create an area on your site that can only be accessed by paying members. You’ve seen this with WPMU DEV. You may have also experienced this if you joined an exclusive gym or spa. They usually have special areas on the site where you can explore and sign up for their services, classes, etc.. Basically, if you have a reason for a members-only area of the site, you need to password protect it.
4. Restricted Events
Not every page on a WordPress site needs to be shared with the public, especially if it gives users access to privileged information. With this kind of reasoning, you’ll usually have to password protect things like landing pages for exclusive events or a page containing special downloadable content offered to those who attended an invite-only webinar.
5. Sensitive Content
For bloggers that write content not suitable for all audiences, they can password protect certain posts. This may be because it covers something inappropriate for a younger audience or maybe they’re not ready to share something new they’ve written with everyone.
6. Educational Environment
There may be some educational materials, resources, forums, etc. that you want to restrict access to on a WordPress site. Let’s say you’ve built the site out for a teacher or a class, but want to ensure that outsiders aren’t able to access the proprietary materials. Your clients can give out passwords to students in order to keep their content reserved for those it belongs to.
7. Internal Communications
For WordPress websites built for private company operations and communications, you may find it beneficial to make the entire site password protected or to block off certain areas based on individuals’ roles within the company. You could also use this on a regular company website to restrict access to an employee portal where team members can go to check job-related notices, reminders, events, etc.
8. Private Sales
This one is for artists and photographers (and maybe even web developers if you flip websites) who create content and need a secure place to upload and share it with clients.
Take for instance, a photographer who shot a wedding. He or she doesn’t want to force the client to view thousands of photos on some random cloud storage site as they would prefer they still receive the fully branded experience. So, they share the content with the client through a password protected area of their site. They can even add a purchase button there, so clients can go ahead and buy the photos immediately upon approval.
9. NDA Restrictions
As a WordPress developer, it probably won’t be all too often you run into a client who requires you to sign an NDA. In the example of the inventor I mentioned above, we did have to sign one, which also meant we were not able to use his web designs in our online portfolio.
However, let’s say you have a looser NDA agreement with a high-profile client with a super recognizable name. You would love to use screenshots of their website to demonstrate to prospective clients how you were able to take an already top-ranking WordPress site from great to amazing… but they don’t want it to be publicly available on your site.
In this case, I say it never hurts to ask. See how the client feels if you suggest locking their website behind password-protected gate in your portfolio. That way, you can still benefit from showing off the work you did on their site, but it will only be to prospective clients you deem necessary to show it to.
How to Password Protect Content on Your WordPress Site
Whatever your reason for hiding your site or pages of your site from general access, you should know how to use password protection to control visibility. The first place to start is by figuring out what exactly you want to restrict access to:
- A single post or page?
- An entire category?
- The whole website?
There are ways in which you can password protect each of these. Let’s start with WordPress’s built-in password protection feature:
WordPress Visibility Settings
This is what the standard Publish box looks like for your Posts and Pages in WordPress:
This is what it looks like when you open up the Visibility settings:
Here is what it looks like on the front end of WordPress with the password in place:
This is a very simple way of adding password protection to full pages, posts, and even products in WordPress. Let’s look at some other options that give you more control over how these password protection rules apply.
Password Protect the Root Directory
If you want to trigger a password request for anyone who tries to enter your site (including search engines), you can do so by adding password protection to your root directory. In the How to Stop Google from Indexing Your Site, you’ll find the play-by-play on how to execute this directive under #2.
Password Protected Plugin
The Password Protected plugin allows you to put password protection over your entire website without having to go into your web hosting or control panel to do so. It’s easy to install and gives you just a small handful of options to choose in terms of who will see the password request screen.
Password Protected Categories Plugin
The Password Protected Categories plugin is a premium WordPress plugin you can use to block entire categories of content on your site. This is a good in-between solution if you don’t want to block all users from your website, but still need something more expansive.
Think about how much work it would take to go page by page, adding a new password to any content you want restricted. That would be incredibly labor-intensive and could also be problematic if users have to type in a new or different password each time. Just use this plugin instead.
WP-Members Membership Plugin
A membership website is technically a type of password protection you can use on WordPress websites. The main difference is that users create their own custom login and password so that, once they’ve paid, they can gain access to your content. If you want to restrict access to content based on who is logged in with a password that still motivates users to sign up for an unpaid membership, you can use WP-Members Membership plugin. This is an especially good choice if you have premium content you want to use as a carrot-on-a-stick to generate more leads on your site.
Password Protect Plugin by WPMU DEV
Finally, we have the Password Protect plugin by WPMU DEV. Of all the options mentioned here, this plugin is the only one that will give you granular control over password protecting individual pieces of content within a page or post. It also doesn’t require users to become subscribed or paying members to access it either; they just need the password.
Using this plugin is really easy, too. Let’s say you want to prevent certain users from watching a video embedded in one of your posts. All you need to do is highlight the piece of content you want protected in the text editor, click on the lock icon in the toolbar, and add your password. It’s that simple.
While it won’t be the case that you need to password protect every WordPress site you build, it’s good to know the option is available–even if your clients don’t initially realize this solution is possible. By utilizing the password protect features found in web hosting, WordPress, as well as plugins, you can quickly and easily add this extra layer of protection to any WordPress site.