Описание
Easily hide your WordPress site from public viewing by requiring visitors to log in first. As simple as flipping a switch.
Make your website private until it’s ready to share publicly, or keep it private for members only.
Особенности
- WordPress Multisite compatible.
- Login redirects visitors back to the url they tried to visit.
- Extensive Developer API (hooks & filters).
- Customizable. Set a specific URL to always redirect to on login.
- Filter exceptions for certain pages or posts.
- Restrict REST API to authenticated users.
- Translation Ready & WPML certified.
Bug Reports
Bug reports for Force Login are welcomed on GitHub. Please note that GitHub is not a support forum.
Установка
Upload the Force Login plugin to your site, then Activate it.
1, 2: You’re done!
Часто задаваемые вопросы
-
1. How can I specify a redirect URL on login?
-
By default, the plugin sends visitors back to the URL they tried to access. However, you can redirect users to a specific URL by adding the built-in WordPress filter login_redirect to your functions.php file.
-
2. How can I add exceptions for certain pages or posts?
-
You can bypass Force Login based on any condition by adding the following filter to your functions.php file.
You may use the WordPress Conditional Tags in your code.
/** * Bypass Force Login to allow for exceptions. * * @param bool $bypass Whether to disable Force Login. Default false. * @param string $visited_url The visited URL. * @return bool */ function my_forcelogin_bypass( $bypass, $visited_url ) { // Allow 'My Page' to be publicly accessible if ( is_page('my-page') ) { $bypass = true; } return $bypass; } add_filter( 'v_forcelogin_bypass', 'my_forcelogin_bypass', 10, 2 );
Check out the Force Login Wiki on GitHub for additional examples to allow URLs to be publicly accessible.
-
3. How do I hide the «
Back to {sitename}» link? -
The WordPress login screen includes a «
Back to {sitename}» link below the login form; which may not actually take you back to the site while Force Login is activated. You can hide this link by adding the following action to your functions.php file.Requires: WordPress 2.5 or higher
// Hide the 'Back to {sitename}' link on the login screen. function my_forcelogin_hide_backtoblog() { echo '<style type="text/css">#backtoblog{display:none;}</style>'; } add_action( 'login_enqueue_scripts', 'my_forcelogin_hide_backtoblog' );
Отзывы
Участники и разработчики
«Force Login» — проект с открытым исходным кодом. В развитие плагина внесли свой вклад следующие участники:
Участники«Force Login» переведён на 13 языков. Благодарим переводчиков за их работу.
Перевести «Force Login» на ваш язык.
Заинтересованы в разработке?
Посмотрите код, проверьте SVN репозиторий, или подпишитесь на журнал разработки по RSS.
Журнал изменений
5.6.3
- Fix — Fixed issue for sites with a custom login URL.
5.6.2
- Fix — Fixed issue for sites with a custom login URL.
5.6.1
- Fix — Fixed too many redirects issue for Multisite users.
5.6
- Feature — Added filter for Multisite unauthorized error message.
- Tweak — Allow logged-in Multisite users to access bypassed pages of other sites.
5.5
- Tweak — Deprecated whitelist filter, use v_forcelogin_bypass instead.
5.4
- Tweak — Improved the visited $url variable.
- Tweak — Changed code to comply with WordPress standards — props Alex Bordei.
5.3
- Feature — Added nocache_headers() to prevent caching for the different browsers — props Chris Harmoney.
- Tweak — Removed $url parameter from whitelist filter.
5.2
- Feature — Added $url parameter to bypass and whitelist filters.
- Tweak — Updated Multisite conditionals which determine user access to sites.
- Tweak — Moved ‘v_forcelogin_redirect’ filter to improve performance.
5.1.1
- Fix — Improved the REST API restriction to allow alternative modes of authentication.
5.1
- Tweak — Restrict access to the REST API for authorized users only — props Andrew Duthie.
- Tweak — Added load_plugin_textdomain() to properly prepare for localization at translate.wordpress.org.
5.0
- Feature — Added filter to bypass Force Login redirect for allowing pages without specifying a URL.
- Tweak — Changed the hook for Force Login to run at a later stage in the WordPress tree.
- Fix — Replaced deprecated function — props Just-Johnny.
4.2
- Tweak — Made plugin translation ready.
4.1
- Fix — Multisite ‘Super Admin’ users do not need assigned sites to access the network.
4.0
- Feature — Added exceptions for AJAX, Cron and WP-CLI requests.
- Fix — Only allow Multisite users access to their assigned sites.
3.3
- Fix — Check for existence of explicit port number before appending port — props Björn Ali Göransson.
3.2
- Tweak — Removed v_getUrl() function to reduce possible duplicates of global functions — props Joachim Happel.
3.1
- Fix — Rewrote v_getUrl() function to use HTTP_HOST instead of SERVER_NAME — props Arlen22.
3.0
- Feature — Added filter for the redirect URL on login.
- Feature — Added filter to allow whitelisting of additional URLs.
2.1
- Fix — Rewrote v_getUrl function to include the server port — props Nicolas.
2.0
- Feature — Added redirect to send visitors back to the URL they tried to visit before logging in.
1.3
- Fix — Fixed password reset URL from being blocked — props estebillan.
1.2
- Tweak — Streamlined code
1.1
- Fix — Allow access to the registration and the lost password page URLs — props jabdo.