Restricted Site Access for WordPress
Restricted Site Access is a WordPress plug-in that allows you to restrict access to logged in users and a set of IP addresses with flexible restricted access behavior.
Description
Limit access your site to visitors who are logged in or accessing the site from a set of specific IP addresses. Send restricted visitors to the log in page, redirect them, or display a message. A great solution for Extranets, publicly hosted Intranets, or parallel development sites.
Adds a number of new configuration options to the Privacy settings panel. From this panel you can:
- Enable and disable access restriction at will
- Change the restriction behavior: send to login, redirect, or display a message.
- Add IP addresses not subject to restriction, including ranges.
- Quickly add your current IP to the restriction list.
- Control the redirect location.
- Choose to redirect visitors to the same path that they entered the current site on
- Choose the HTTP redirect message for SEO friendliness
- Customize the blocked visitor message.
Thanks to Eric Buth for adding IP range support to the code base!
Installation
- Install easily with the WordPress plugin control panel or manually download the plugin and upload the extracted
folder to the `/wp-content/plugins/` directory - Activate the plugin through the ‘Plugins’ menu in WordPress
- Configure the plugin by going to the “Privacy” menu item under “Settings”
Changelog and future enhancements are available here.
As always, feedback and suggestions are welcome!
77 Thoughts Contributed to “Restricted Site Access”
What do you think?
Screenshots
Hi there.
Installed it for hiding my website wile developing.
Used the 301 redirection.
Now, I’ve deactivated the Plugin but the 301 redirection is still working…
What shall i do?
cheers!
Z.
Hi
Any news on the exceptions feature?
Will it be possible with it to show the first page as preview and then look for login details when they try to view other pages/posts?
Hi
Great Plugin. Exactly what I needed for our corporate site. Thanks! Now for my question (tried to find an answer in the comments but couldn’t)
Is it possible to add multiple IP ranges? I need to provide access to the site from multiple locations but it still needs to behave like an intranet site.
Thanks for any help and thanks again for you work.
Hello Uwe, the short answer is yes. If a user is not in the allowed IP range, they can still see the Log in page. Therefore, if they have a valid user account, they can log in and add their own IP address to the list of allowed IPs. Then they can see the public side of the site. Hope that helps.
Do they have to add their IP address manually or does this work automatically the first time they log in? And do they only need to log in once and get automatic access on subsequent visits?
Thing is, I’d really rather not force anyone to type in credentials, even only once. A lot of people are immediately put off by this and leave. And for the rollout of our new site to be a success it needs to work as simple as possible for the visitor. Otherwise we lose lots of potential customers right from the start.
You know how it works, the first impression is very important.
So what you’re saying is one can only define ONE actual IP RANGE and to add visitors from other locations they’d need to log in at least once. But one CAN NOT define MULTIPLE IP RANGES?
Did I understand you correctly?
If so, any plans to add this functionality in the future?
Hello,
When I have this plugin active, the rss feed isn’t readable by external readers. Is there a way to have them both work and active simultaneously?
Hi David. The point of the plug-in really, is to help develop and stage sites before they go live – to hide development sites from the outside world and potentially search engines. If your site is live and you no longer need the plug-in for those reasons, the best thing to do is deactivate it completely. You don’t have to delete it, but it may not be enough to simply set it to “I would like my site to be visible to everyone”.
I understand this. However, this site is not intended for public viewing, ever. It is an internal site. Therefore, we would like to use the plugin indefinitely. This being the case, is there a workaround so that external aggregators can read the rss feeds?
Why not also restrict access to feeds?
Hey,
Thank you for this very usefull plugin for my website. I’ve also got some suggestions, but perhaps they are not really new.
1. ACL
In case of a very long list of IP addresses it would be nice if the can add a label. People will ask for access but nobody will ask the webmaster to remove their old IP from list. For an user cleanup it will help to find the duplicates.
2. Log
You can support the webmaster by logging IP addresses and a simple ‘add to list’ function
3. Redirect new users to a simple form to request access. The webmaster would be very happy if he can allow or deny this new request by a simple click.
Enough for now
Maarten
Thanks very much. So much faster than using .htaccess.