Extend Sitewide Protection Features

Password Protect WordPress (PPWP) makes it super easy for you to password protect the whole site with just one click. By enabling sitewide protection, you can restrict the public to access your private site. Your visitors will be required to enter passwords to see your protected content.

Password Suite extension extends PPWP Pro’s functionality by allowing you to restrict sitewide password usage as well as bypassing password protection using access links.

In this article, we’ll walk you through the following sections:


How to extend sitewide protection feature

In order to restrict password usage as well as creating bypass URLs, you are required to migrate all PPWP Pro sitewide passwords to its Password Suite extension.

To do so, navigate to Password Protect WordPress from your admin dashboard and switch to Sitewide tab. Then click on “Upgrade Now” button.

Please note that this migration process occurs once and can’t be reversed. After successful password migration, you can manage all sitewide passwords under a new table.

As a consequence, when you deactivate Password Suite extension, you might see an empty password field in some cases.

Currently, we haven’t handled hashed password created by PPWP Free version. So if you’re using a hashed password, please click “Save Changes” button to remove it and then generate a new one with Password Suite.

Restrict sitewide password usage

You can restrict password usage while creating a new password or editing existing passwords.

  1. Usage Limit: the maximum number of times a password is used. Default value is unlimited usage.
    • Let’s assume that the usage limit is set to 1. If a user enters that password to unlock your site, others can’t use it anymore.
    • This feature proves useful to prevent users from sharing your passwords without your permission.
  2. Password Expiry: make your password auto-expire after a period of time. In other words, users won’t be able to use that password to access your private site after a given time.

When creating a new password, you will be prompted to fill other pieces of information:

  1. New Password: unique, no space, case-sensitive and limited to 100 characters
  2. Label: allow to give some extra information for your password, e.g. what it is used for
  3. Redirect URL: define where users will be redirected once entering this password
  4. (Password) Type:
    • Global (default): anyone with the password can unlock your private site.
    • Roles: only specific user roles are able to use the password to access your site.
      • Let’s say you set a password with type Role (editor)
        • Only editors can use this password to unlock your protected site.
        • Other roles, e.g. subscribers, will receive an error message when entering it into password form.

Bypass sitewide protection

Instead of proving a unique password and your site URLs to your visitors, you can grant access to them using a single link called “access link”. So your visitors can access your private site directly without entering passwords.

Simply click on Copy access link button to generate and copy the access link.

Please note that an access link is associated with one password by default. That means when you edit/ deactivate/ activate/ delete a password, you’re editing/ deactivating/ activating/ deleting the corresponding access link. And you are required to create at least one sitewide password in order to generate an access link.

Lasted updated on April 1, 2020