Prevent domain mapping if logged in?

  • asocalguy

    (@asocalguy)


    10 years, 5 months ago

    I’d like to be able to force all of my users to access the admin area of their site using their subdomain (e.g. demo.myrootdomain.com) as opposed to a mapped domain (e.g. mymappedomain.com). This would allow me to secure the login area using .htaccess and prevent hackers from reaching the login page on the mapped domains.

    I’ve looked over the plugin and dived into the code a bit but I’m wondering if someone can give me a little guidance on the easiest/most effect place in the code to make this happen. At the moment, my main issue is that by default when users click from the front end to the backend, they are taken to the mapped domain even if they were on the subdomain on the backend.

    Anyone have any suggestions?

    Thanks!

    http://wordpress.org/plugins/wordpress-mu-domain-mapping/

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Author Ron Rennick

    (@wpmuguru)

    10 years, 5 months ago

    There is a checkbox in the DM settings for using the original domain for wp-admin.

    Thread Starter asocalguy

    (@asocalguy)

    10 years, 5 months ago

    Thanks for your reply, Ron. That doesn’t exactly do what I want. I may not have explained it well. Basically, with the option you suggested set and a mapped domain (say mymappeddomain.com), the user can go to demo.myrootdomain.com and login. That’s great. But all the admin menu links and such on the front end use the mapped domain so if the user clicks View Page they end up on mymappeddomain.com, not demo.myrootdomain.com.

    This causes a problem for the user because my htaccess file prevents the user from going to the admin via the mapped domain so all those links in the admin menu won’t work. What I’d like to have happen is for the mapping plugin to go dormant if the user is logged in. This way, they’re forced to login via demo.myrootdomain.com and clicking to the front end will take them to a URL on the demo.myrootdomain.com, not mymappeddomain.com.

    Does that make sense?

    Thanks!

    Plugin Author Ron Rennick

    (@wpmuguru)

    10 years, 5 months ago

    Does that make sense?

    Yes. You’re going to have to write some custom code to do that.

    Thread Starter asocalguy

    (@asocalguy)

    10 years, 5 months ago

    Yes, that’s totally my expectation. I know this is a terribly open ended question but I’m wondering if you can give me 25 words or less 🙂 of guidance on where to consider putting that hack. I realize it’s not something you would support; I’m must looking for a nudge in the right direction.

    Also, it sounds like this isn’t something you’d find interesting enough to put in the actual plugin. Is that right?

    Thanks!

    Plugin Author Ron Rennick

    (@wpmuguru)

    10 years, 5 months ago

    I’m wondering if you can give me 25 words or less 🙂 of guidance on where to consider putting that hack.

    To be honest I haven’t ever thought about how one might go about doing that.

    Jason LeMahieu (MadtownLems)

    (@madtownlems)

    10 years, 4 months ago

    Would it be as easy as just wrapping a bulk of the code in a !is_user_logged_in() ?

    http://codex.wordpress.org/Function_Reference/is_user_logged_in

    Plugin Author Ron Rennick

    (@wpmuguru)

    10 years, 4 months ago

    Would it be as easy as just wrapping a bulk of the code in a !is_user_logged_in() ?

    No, because the domain lookup happens long before WP can determine if you are logged in. WP has to determine what domain to retrieve the auth cookie from before retrieving said cookie.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Prevent domain mapping if logged in?’ is closed to new replies.