Recently I had a client who required me to block access to the entire website except for a couple of pages. You would think this would be fairly straightforward to do however after messing about in the Restrict Content plugin I finally had enough of it not acting the way I wanted to – and decided to write code to do it myself.
If you currently have a site that needs to be restricted to non-logged in users except a couple of front end pages then this is the solution for you. It’s a very simple plugin and can be easily expanded. It’s nothing fancy but it got the job done – the client was happy and I wanted to share it with you.
Note: this does not have any fancy admin options – so you will have to set the pages that need to be restricted by hard coding the ID’s of the pages into the code (which I’ll get into later). This is pretty straightforward to do.
Read Also: Installing a WordPress Plugin
Table of Contents
First Things First – Setup Your Plugin
The first thing you want to do is set up your plugin – create a new folder in your WordPress plugins directory – I’ve called mine hs-restrict (hs is for Head Studios but you can name it whatever you like). Then I created a new file in hs-restrict called hs-restrict.php with the following Header information:
<?php /** * Plugin Name: Head Studios Restrict Plugin * Plugin URI: https://www.headstudios.com.au * Description: Plugin to restrict all pages except welcome and home * Version: 1.0.0 * Author: Head Studios * Author URI: https://www.headstudios.com.au */
As you can see I created the Plugin name, description, author, author URI and Plugin URI (really the plugin URI should be the link to the plugin page where people can find out more information about the plugin but I just created it to go back to my website. You can also just ignore this.
Step 2: Creating the Redirect Code
The first part of the plugin will redirect users to the login page – and it is designed to only redirect them to the login page if the user is not on a particular set of pages – the ID’s of which will be programmatically inserted here. So in other words – if you provide no ID’s then the entire website will be locked down. In my case I had to make available some welcome pages (and content under a welcome drop-down menu) – so I went to each of those pages in WordPress – hovered over the ‘Edit’ and took note of the ID. But I’ll get into that later – let’s check out the code first:
add_action('template_redirect','my_non_logged_redirect');
function my_non_logged_redirect()
{
if (!(is_page(array(11859,11823,12543,11822,12561))) && !is_user_logged_in() ) //
{
wp_redirect( '/wp-admin' );
}
}
There’s a couple of things to look over here.
The first is the action that we are adding our function to – namely ‘template_redirect’.
Note: you can find out more about actions from the WordPress Codex here: https://codex.wordpress.org/Plugin_API
It’s important to use the ‘tempalte_redirect’ function when restricting your page rather than the ‘init’ function (which I tried to use and failed at). The template redirect function is good to use because it’s fired right before WordPress is deciding what template to use – by doing it this way – since we don’t need to load a template – when hooking into this function the great thing is that we can still get the information about the current page ID – which is what we need – but before anything is loaded.
Getting the Page Id’s
As you can see there is a line on the code:
if (!(is_page(array(11859,11823,12543,11822,12561))) && !is_user_logged_in() )
You will see the numbers 11859,11823 etc. These are the numbers for the page Id’s which should be visible to non-logged in users. I’ll break down the rest of this code soon but first, let’s see how you can get the ID of a page using this client as an example.
Firstly you want to be logged into WordPress and then simply navigate to the page that you want non-logged in users to be able to have access to and then hover over the ‘Edit Page’ (or even ‘Edit Post’ if you want a certain post to be visible) and in the status bar you should see the ID of the page in the URL.
Let’s use a live example:
Here we see what happens when we are logged into WordPress and on the page, we want to allow our user to see and we hover over the ‘Edit Page’ button in the header.
Note: if you don’t see the admin header and you are logged in try this solution: https://wordpress.org/support/topic/missing-logged-in-admin-bar-on-homepage/
As you can see in the footer there is a link that goes like so:
https://staging1.headstudios.com.au/wp-admin/post.php?post=11822&action=edit
The staging1.headstudios.com.au will, of course, be different on your site but the /wp-admin/post.php?post=11822&action=edit will be similar across all WordPress installs (with a different post id of course).
So, in this case, it is telling us the ID of the POST – then all we have to do is save that number to memory and add it to our list of page ids that we want to allow – but let’s go back to the code we were looking at.
if (!(is_page(array(11859,11823,12543,11822,12561))) && !is_user_logged_in() ) //
What we are doing here is using the is_page function which is a conditional function that returns either true or false depending on if the id entered into the arguments. You can see one of the arguments it accepts is an array which holds a bunch of page ID’s that you want the user to access. Also what’s very important is the exclamation mark ‘!’ – before the is_page. Because what you are saying is – if the user is on any pages which are not the pages listed AND the user is NOT logged in !is_user_logged_in() – then we want to redirect them to the login page (which is the next line):
wp_redirect( ‘/wp-admin’ );
Simple!
Read Also: Creating A WordPress Theme
This replaces a lot of membership plugins that do a ton of things you don’t really need to do and can be a quick solution.
Let me know your thoughts or what you would be looking for to expand this plugin.
About the Author
Kosta Kondratenko is a web developer working for his company Head Studios. He specializes in WordPress custom development and SEO. He has over 10 years of experience and loves to write blog posts about topics happening in his industry. He’s passionate about sharing his knowledge and helping others achieve their goals. His clients include https://www.walkerlawgroup.com.au/ – personal injury lawyers in Sydney.
1 Comment
PressTigers
October 1, 2019 at 3:38 pmAmazing plugin..I will do share this knowledge as per provided by you to block certain required pages that you don`t want to share by just selecting and adding 20 lines of code. Further step by step procedure for this is good enough to understand..