I have a private self-hosted wordpress blog that I would only like to allow a few people to access. I don't want users to have to register a unique account on my blog, so I am using the plugin from OneAll to allow social media OAuth registration.
I am using the basic instructions from this blog post to get all the pieces working: http://wordpress.stackexchange.com/questions/47477/is-there-a-social-members-only-login-plugin-for-wordpress
- I am using the OneAll plugin for the login page. (http://wordpress.org/extend/plugins/oa-social-login/)
- I am using the User Role Editor plugin to create a "newuser" role (http://wordpress.org/extend/plugins/user-role-editor/)
- I am using the popular Members plugin to protect most of my pages and posts. (http://wordpress.org/extend/plugins/members/)
- And I am using Peter's Login Redirect plugin to redirect certain roles to specific pages upon login (so that newusers are redirected to a certain page but users I've "approved" can go to the homepage) (http://wordpress.org/extend/plugins/peters-login-redirect/)
Everything works beautifully except that if a user logs in via the OneAll Social Media login, they can still access pages I don't want them to see. The pages aren't visible in the navigation but they may know a direct link to the page. Most of the content is hidden on the page through the "Members" plugin, but because of the way some of the pages are coded, some content is displayed outside of the_content. I would prefer something that detects the user's role and then redirects to a page if they are not yet "upgraded" to member status.