Force Login

Описание

Easily hide your WordPress site from public viewing by requiring visitors to log in first. As simple as flipping a switch.

Make your website private until it’s ready to share publicly, or keep it private for members only.

Features

  • WordPress Multisite compatible.
  • Login redirects visitors back to the url they tried to visit.
  • Extensive Developer API (hooks & filters).
  • Customizable. Set a specific URL to always redirect to on login.
  • Filter exceptions for certain pages or posts.
  • Restrict REST API to authenticated users.
  • Translation Ready & WPML certified.

Bug Reports

Bug reports for Force Login are welcomed on GitHub. Please note that GitHub is not a support forum.

Установка

Upload the Force Login plugin to your site, then Activate it.

1, 2: You’re done!

Часто задаваемые вопросы

1. How can I specify a redirect URL on login?

By default, the plugin sends visitors back to the URL they tried to access. However, you can redirect users to a specific URL by adding the built-in WordPress filter login_redirect to your functions.php file.

2. How can I add exceptions for certain pages or posts?

You can bypass Force Login based on any condition or specify an array of URLs to allow by adding the following filter to your functions.php file.

You may also use the WordPress Conditional Tags.

/**
 * Bypass Force Login to allow for exceptions.
 *
 * @param bool $bypass Whether to disable Force Login. Default false.
 * @param string $visited_url The visited URL.
 * @return bool
 */
function my_forcelogin_bypass( $bypass, $visited_url ) {

  // Allow all single posts
  if ( is_single() ) {
    $bypass = true;
  }

  // Allow these absolute URLs
  $allowed = array(
    home_url( '/mypage/' ),
    home_url( '/2015/03/post-title/' ),
  );
  if ( ! $bypass ) {
    $bypass = in_array( $visited_url, $allowed );
  }

  return $bypass;
}
add_filter( 'v_forcelogin_bypass', 'my_forcelogin_bypass', 10, 2 );

Checkout the Force Login Wiki on GitHub for additional examples of some different methods for allowing dynamic URLs.

3. How do I hide the «← Back to {sitename}» link?

The WordPress login screen includes a «← Back to {sitename}» link below the login form; which may not actually take you back to the site while Force Login is activated. You can hide this link by adding the following action to your functions.php file.

Requires: WordPress 2.5 or higher

// Hide the 'Back to {sitename}' link on the login screen.
function my_forcelogin_hide_backtoblog() {
  echo '<style type="text/css">#backtoblog{display:none;}</style>';
}
add_action( 'login_enqueue_scripts', 'my_forcelogin_hide_backtoblog' );

Отзывы

08.10.2021
Easy and clean. No need for a membership plugin. Thank you!
04.10.2021
This plugin works as described, but not as expected. To be useful for a membership site, it would require an option to exclude the registration page. To their credit, they give code to add the functionality, but people who are comfortable writing code are not the ones looking for a plugin I imagine.
16.09.2021
I installed it, cleared cache, and it worked beautifully. I had tried a few other plugins with a bunch of extra features and was so happy to install this and it "just work". Thank you for making it and keeping it up-to-date.
15.09.2021
The Force Login plugin for WordPress does everything as advertised! I also appreciated the extensive documentation. Recently I had an issue and opened a support ticket. The plugin author replied to the ticket within 24 hours and provided me with a solution! Amazing plugin and support! Thank you!

80

07.09.2021
How can I put an exception for all my blogs and blog pages without repeating or writing each page or blog. so that the visitor doesn't login to read a blog.
Посмотреть все 84 отзыва

Участники и разработчики

«Force Login» — проект с открытым исходным кодом. В развитие плагина внесли свой вклад следующие участники:

Участники

«Force Login» переведён на 12 языков. Благодарим переводчиков за их работу.

Перевести «Force Login» на ваш язык.

Заинтересованы в разработке?

Посмотрите код, проверьте SVN репозиторий, или подпишитесь на журнал разработки по RSS.

Журнал изменений

5.6.3

  • Fix — Fixed issue for sites with a custom login URL.

5.6.2

  • Fix — Fixed issue for sites with a custom login URL.

5.6.1

  • Fix — Fixed too many redirects issue for Multisite users.

5.6

  • Feature — Added filter for Multisite unauthorized error message.
  • Tweak — Allow logged-in Multisite users to access bypassed pages of other sites.

5.5

  • Tweak — Deprecated whitelist filter, use v_forcelogin_bypass instead.

5.4

  • Tweak — Improved the visited $url variable.
  • Tweak — Changed code to comply with WordPress standards — props Alex Bordei.

5.3

  • Feature — Added nocache_headers() to prevent caching for the different browsers — props Chris Harmoney.
  • Tweak — Removed $url parameter from whitelist filter.

5.2

  • Feature — Added $url parameter to bypass and whitelist filters.
  • Tweak — Updated Multisite conditionals which determine user access to sites.
  • Tweak — Moved ‘v_forcelogin_redirect’ filter to improve performance.

5.1.1

  • Fix — Improved the REST API restriction to allow alternative modes of authentication.

5.1

  • Tweak — Restrict access to the REST API for authorized users only — props Andrew Duthie.
  • Tweak — Added load_plugin_textdomain() to properly prepare for localization at translate.wordpress.org.

5.0

  • Feature — Added filter to bypass Force Login redirect for allowing pages without specifying a URL.
  • Tweak — Changed the hook for Force Login to run at a later stage in the WordPress tree.
  • Fix — Replaced deprecated function — props Just-Johnny.

4.2

  • Tweak — Made plugin translation ready.

4.1

  • Fix — Multisite ‘Super Admin’ users do not need assigned sites to access the network.

4.0

  • Feature — Added exceptions for AJAX, Cron and WP-CLI requests.
  • Fix — Only allow Multisite users access to their assigned sites.

3.3

  • Fix — Check for existence of explicit port number before appending port — props Björn Ali Göransson.

3.2

  • Tweak — Removed v_getUrl() function to reduce possible duplicates of global functions — props Joachim Happel.

3.1

  • Fix — Rewrote v_getUrl() function to use HTTP_HOST instead of SERVER_NAME — props Arlen22.

3.0

  • Feature — Added filter for the redirect URL on login.
  • Feature — Added filter to allow whitelisting of additional URLs.

2.1

  • Fix — Rewrote v_getUrl function to include the server port — props Nicolas.

2.0

  • Feature — Added redirect to send visitors back to the URL they tried to visit before logging in.

1.3

  • Fix — Fixed password reset URL from being blocked — props estebillan.

1.2

  • Tweak — Streamlined code

1.1

  • Fix — Allow access to the registration and the lost password page URLs — props jabdo.