Adding Access Control to the Blog

By nature, a blog is supposed to be accessible! After all, you – as the Blogger – want people to be able to access the blog, preferably without putting up any more hurdles than knowing the blog URL. Well, at least most of the time…

I do not want my Blog to be publicly accessible!

But what if you do want to block access to the Blog? There are a couple of scenarios where this might be useful, e.g. when running a corporate blog or when using plug-ins for tracking that only make sense if your users show up “in person” rather than as guest.

Using Plug-Ins to restrict access

There is a number of WordPress Plug-Ins available dealing with the topic:

  • Members Only (see here)
  • WordPress Access Control (see here)
  • Force User Login (see here)

Well, there are certainly more – but these are the three I looked at after digging a little bit into the topic.

Members Only

I did install Members Only manually after having had a very bad experience with the automatic installation of another plug-in before. The current version at the time of this post is 0.6.7 which I installed into a WordPress 3.0.4 environment.

After activating the plug-in, it’s configuration page becomes available under the WordPress Settings menu.

There are a couple of options – first and foremost you need to activate not only the plug-in but also need to enable Members only on the configuration page!

By default, it will re-direct users to the login page but you can specify a dedicated page instead if you want (especially useful if you want to provide feedback as to why the user did not get to see what she expected to see).

With the option enabled (and the browser session restarted!), the root page of the Blog now becomes inaccessible and I am redirected to the login page just as I expect it to be… works perfectly for me and will be the plug-in of choice for me.

WordPress Access Control

Second in test is WordPress Access Control – again in a WordPress 3.0.4 environment. I am using Version 2.1 of the plug-in with WordPress auto-install.

Once the plug-in is activated, the description says the access control settings would be available on when editing or writing a new post… they are not in my system! Besides the fact that this plug-in uses a slightly different approach by securing access to the individual posts rather than the whole blog (which I might have appreciated!) I am not getting a trace of the plug-in being present after installation. Since there are no more installation instructions than install and activate, this sees to be not working (in my environment at least).

Force User Login

Third in test is Force User Login, which I used version 1.2 in my WordPress 3.0.4 environment. Having the plug-in installed and activated, the root page of the blog becomes inaccessible as well but I do receive an HTTP 404 Error because the redirect goes to http://[MyServer]/ instead of http://[MyServer]/[Blogname]

Not sure if this is caused by a change in WordPress or my installation (on a Windows Server 2008 R2) but bottom line is that the plug-in does not seem to work “out of the box” which makes it a no-go for me.


Having tested three plug-ins in my WordPress 3.0.4 environment, only one of them came out as “working out-of-the box”. The other two didn’t appear to do anything (WordPress Access Control) or failed (Force User Login).

Being someone who is interested in the solution and not the reason why something would not work, I am naturally picking the one that does work – so for my corporate blog, Members Only becomes the solution of choice.

This entry was posted in WordPress Plug-Ins. Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *