Create a gist now

Instantly share code, notes, and snippets.

What would you like to do?
T5 Force Log In
<?php # -*- coding: utf-8 -*-
* Plugin Name: T5 Force Log In
* Description: Grant access after log in only
* Plugin URI:
* Version: 2012.08.28
* Author: Thomas Scholz
* Author URI:
* License: MIT
* License URI:
add_action( 'template_redirect', function() {
is_user_logged_in() || auth_redirect();

mrhenko commented Jan 1, 2015

I'm currently trying to set up a restricted WordPress to share pictures of my daughter (when she's born later this year) with my family. I want sharing to be fairly simple but I don't want the pictures to be easily available on "the open internet". I like your solution a lot since it's so gorgeously simple. How secure would you say it is? Better, worse or the same as more "fully featured" plugins such as WP-Members and Restricted Site Access?


thefuxia commented Jul 17, 2015

Sorry for the late response. I was never notified of this comment.

It is secure for the HTML content. Images, on the other hand, are not routed through WordPress, so anyone can see them if they are able to get their URLs by guessing them or sniffing network traffic.

Where do I apply this code?

If you got a customized login page via front-end, you need to modify code as:

add_action( 'template_redirect', function() {
    if ( !is_page( id_of_login_page ) ) 
        is_user_logged_in() || auth_redirect();

or you will get a redirect error.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment