How to Restrict Protected Content Access to a Single User at a time

PPWP Smart Restriction extension allows you to limit the number of users who can access protected content at a time. Instead of letting anyone with passwords to access the content concurrently, you can restrict content access to a single user only. To be specific, if someone has already accessed the protected content, the others won’t be able to unlock content with the valid password until the former user’s cookie expires.


How to restrict content access to a single user

Once activating our plugins, navigate to Password Protect WordPress >> Smart Restriction menu from your admin dashboard.

Simply enable “Restrict Content Access to Single User” option.

How this feature works

Once users unlock the protected content with a specific password, our plugin will save this password as a cookie to their browser. So they do not have to re-enter the password whenever accessing the protected content until their cookie expires.

When “Restrict Content Access to Single User” option is enabled, our plugin will track the cookie expiration time of each individual user with Statistics extension. If others use the same password to unlock the content, our plugin can detect and block their access.

Let’s say user A uses password “123” to access the private content on October 10.

  • User A can keep access to the page without re-entering the password until his cookie expires, e.g. October 17.
  • The others are not able to access the page with password “123” during this period (October 10 – 17).

If you want to remove the current user’s access to let someone else use the password and view the content before the former user’s cookie expires, you can.

To do so, navigate to Password Protect WordPress >> Statistics submenu.

Click “View detail” of a specific password.

You will see the option to remove the cookie expiration time of the current user.

Once done, others can use this password to unlock the protected content.

It’s worth noting that:

  • For this feature to work properly, you are required to activate Statistics extension and enable “Restrict Content Access to Single User” option.
  • Users who have already accessed your protected content before the option is enabled, they can still see the content until their cookie expires.
  • If Password protect child pages option is enabled, our plugin will consider the parent and child pages as one. In other words, if a user accesses the parent/child page with a specific password, the others aren’t able to use this password to access both parent and child pages.
  • When you send the quick access link via social platforms such as Facebook Messenger or Whatsapp, their bots might make our functions not work properly. To fix the issue, simply add the following code snippet to your (child) theme’s functions.php file.
add_filter('ppwp_qal_single_allowed_page', function ($valid) {
	if (preg_match('/applebot|slackbot|baidu|bingbot|facebookexternalhit|googlebot|-google|ia_archiver|msnbot|naverbot|pingdom|seznambot|slurp|teoma|twitter|yandex|yeti/i', $_SERVER['HTTP_USER_AGENT'])) {
		return false;
	return $valid;
}, 999);
Lasted updated on April 12, 2021