WordPress: Require login for certain pages to view or edit.

Disclosure: This post contains affiliate links. I may receive compensation when you click on links to products in this post. For an explanation of my Advertising Policy, visit this page. Thanks for reading!

Why require a login for certain pages to view or edit in WordPress?

There are a few reasons why you would want to require a login for certain pages to view or even edit in WordPress.

First of all, if you have several Contributors writing content and publishing at various times from various places throughout the world, then you would want to give them access to their own pages or posts. 

If they have some sort of Editor role, you may want to give them access to pages and posts to edit and proofread before publishing.

In addition, maybe you want to make certain pages only available to special users who either pay for that content or are a subscriber to your WordPress blog or website.

These tasks alone could be quite cumbersome and time consuming, if you have a large WordPress blog or website. 

Maybe you have many WordPress blogs or websites with many users all having different roles. 

Organizing these roles and which content can be viewed and or edited by which users can be difficult to organize.

In this post, I’m going to go over how you can organize these tasks and how to require a login for certain pages to view or edit in WordPress.

To require a login for certain pages to view you can simply make the page “private”.

What is a private page in WordPress?

A private page in WordPress is simply a page that is not viewable to the public. Private pages will normally require a login in order to access, view and/or edit that page. 

To make posts or pages private go to the far right publish box and click “Private”. That’s it, now that post/page is private.

Only users with the roles of Administrator and Editor have access to Private Posts are able to view them. However, Administrators and Editors also have access to all private posts.

So what can you do if you want to set up private pages/posts and only allow certain users to access certain posts, regardless of WordPress default roles? 

Let’s not forget that a private page is not only good for WordPress websites that are, in general, viewable to the public, but are also good if you have certain people, like family, friends or even colleagues from your company, that you wish to only show specific content to. 

You can set up that up too in the WordPress dashboard with this plugin:

How to require a login for certain pages to view or edit in WordPress?

There are two ways you can require a login for certain pages to view or edit in WordPress. Both with and without the use of plugins.

Require a login for certain pages to edit.

The first way is through your WordPress dashboard. In order to require a login to edit pages in WordPress, you would need to assign a user role of Administrator or Editor. 

An Administrator or Editor in WordPress can access any page in WordPress and edit them. 

Author and Guest Author user roles can only edit their own posts or pages, but not any others.

As you can see, to require a login for certain pages to edit in WordPress by simply going through the dashboard is very limited. 

In fact, they are only limited to user roles.

User rolls are usually pre-determined in WordPress. You can read about them here, “Roles and Capabilities”.

In order to require a login to edit certain pages in WordPress, you would need to change the user roles and functions for your Administrators, Editors and Authors

However, please note that you can change these rules for User roles to fit your purposes for each. But you would need to have enough knowledge of PHP (the coding language that WordPress is built upon) in order to go into your site’s “functions.php” files to do so.

Or you can simply install a plugin to do so.

For most of us, the easiest way to require a login to edit certain pages though, would be to, of course, install a plugin. Like this one below:

Require a login for certain pages to view.

In order to require a login to view certain pages in WordPress, you will need to make a post or a page private for viewing as I had mentioned above. 

To make a post or page password secured, you simply go into the post or page editors that you would like to require a login for. 

Then you make the post/page require a password. 

Then simply create a password and give that password to whomever you wish to have access to that certain post or page for viewing.

They can then login to your WordPress to the certain post or page with the restricted access using the password you have given them.

Again the best way to require a login in WordPress to a certain post or page for viewing would be through the use of plugins. 

However, the best plugins for this type of function would be a membership type of plugin. 

Through these membership plugins you can control access and can require users or members to log in before viewing certain WordPress pages or posts. 

The beauty of most of these plugins is that you could do it from one simple dashboard. 

For example, you can make certain pages for paying members and certain pages requiring a login for other members. 

You can even create membership tiers limiting access to certain posts or pages and assigning logins for each.

There are several plugins that you can use for free and all of them, of course, have paid and premium features that are only available through a paid version. 

You will also find as with all WordPress plugins, that free versions can be quite limited. 

However, the paid or premium versions aren’t all that expensive. Especially considering the time it will save you and all those additional functions they can perform. Most of the time, it’s well worth the price.  

Possible security issues with private pages and posts in WordPress.

Depending on what you’re storing, simply making a post or page “private” may or may not be enough.

Password protected posts and pages in WordPress are casually secured on the front end. The password request is checked by the server, and no content is served to the post or page unless it matches. 

However, once the password is submitted, the password is then stored in plaintext on a cookie in the user’s system. 

So if their computer is compromised, it can be relatively simple for a Hacker or some Malware to steal the password.

It is also important to note that media files that are linked to or attached to a private page are not, in and of themselves, “private”. 

This means that if a user knows or guesses the path to an image or file that is linked to on a private page, they can download it without knowing the password.

On the server side, the security is much more lax for passworded posts. 

The content of the post is not encrypted or obfuscated in any way, and the password appears in the database in plaintext. 

So, a malicious user with author privileges or above can read any of the private contents, and if an attacker gains access to your database via any other security hole on the site, they can also access that private data.

So, basically, private posts are secure enough to be used for a simple paywall, or for casual privacy. 

However, privately password protected posts should not be used to store or transmit any real secure data like financial information and banking details.

How do I change the login page in WordPress?

The best and easiest way to change the login page in your WordPress website would be to use this plugin, “WPS Hide Login”. 

Simply install and activate the plugin. The steps are pretty self-explanatory. Here is what the plugin will look like once it’s activated on your WordPress website: 

By using this plugin you will reassign the WordPress login page from its standard wp-admin to a new login page like wp-pizza. 

This is a good way to add some extra security to your WordPress website. For example, if bots or any other hackers decide to try to break into your WordPress website through the normal wp-admin page, they will get a 404 page instead of the login page. 

This is a great way to at least discourage bots from trying to log into your WordPress website.

What is subscriber only content on WordPress?

Subscriber only content in WordPress is content that is only viewable to your WordPress website subscribers or members. 

But the term “Subscriber” should not be confused with the WordPress “role” of “Subscriber”.

Subscriber roles in the users section on your WordPress dashboard have a different meaning and capabilities within your WordPress website. 

A Subscriber role simply allows a frequent and a preapproved visitor to leave comments on your blog posts without the need of having to approve their comments beforehand everytime they make one.

The easiest way to implement “Subscriber Only Content” though would be to simply use a “members only” type plugin from the link above and enroll subscribers accordingly. 

You can then manage access to certain pages for certain subscribers. You may even be able to set up pay walls etc. through some of these plugins

In fact, there’s quite a few plugins you can choose from here to “Restrict Access” and require a login for certain posts and pages.

How do I hide my WordPress site from public view?

To hide your WordPress site from public view, you can simply make your WordPress website private. The easiest to do this would be to install a WordPress plugin like these below:

What is the link for WordPress admin login?

The link for a WordPress admin login usually has “wp-admin” in the URL. However, it is strongly recommended that you change this as soon as possible to another WordPress admin login URL. You can do this by using WPS hide login which I’ve talked about in this post.

Getting WordPress to require a login for certain pages, summary.

The easiest way to require login access for certain pages in WordPress is through the use of plugins. 

You can also restrict users with access to your WordPress website by assigning user roles through your WordPress dashboard. 

This way you can restrict who has access and require a login to edit any post or page on your website. 

This would also help save you time, especially if you have users all over the world in different time zones, by allowing them to edit and publish posts with you becoming a bottleneck of your own website’s content creation process. 

You can also create private posts which only allow access to certain posts or pages in WordPress by issuing passwords to those posts or pages. 

In order to access those posts or pages, they will require a login with the password for that certain post or page.

However, the easiest way to require a login for certain pages to view or edit in WordPress would be to install one or two plugins. 

The plugins above should take care of any login requirements for your WordPress website.

 

Web hosting in Iceland - OrangeWebsite.com