Support » Plugins » Intranet – force users to be logged in.

Viewing 6 replies - 1 through 6 (of 6 total)
  • scormeny


    I did some more research on this and found an answer that is currently working for me on my website.

    I have put this code at the very top of my header file:

      if ( (!empty($_COOKIE[USER_COOKIE]) &&
        !wp_login($_COOKIE[USER_COOKIE], $_COOKIE[PASS_COOKIE], true)) ||
        (empty($_COOKIE[USER_COOKIE])) ) {
      wp_redirect(get_option('siteurl') . '/wp-login.php?redirect_to=' . urlencode($_SERVER['REQUEST_URI']));

    I found this code at the following website:

    If anybody has commentary on whether this should work or I should find a better, more efficient code to use, I’d be most appreciative if your thoughts and guidance.





    Looks good to me. Thanks for the follow-up and good tagging. Info related to WordPress on intranets is sure sparse!

    Oh, one thought, make sure all your templates use the same header or that this function is in all your headers, otherwise people could stumble on via search.

    Also, might want to make sure and add robots.txt file to root to ask google, etc. not to index your blog.

    Thank you for the additional tips, Mahalie.

    I’m also a little concerned because the wordpress header code, of course, does not protect any of the “upload” folder and sub-folders or the images or any page not generated by WordPress.

    If anybody has thoughts on how to protect my uploads folder and any other subfolders given this intranet scenario I’d be most appreciative.

    In the case of the current site I’m working on, there is no sensitive or private information in the uploads or photos, so I consider this a low concern level right now, but in the future I’d like to know I can protect client data to the max.



    Ah! totally slick – good research Sara – thanks for doing that. It’s exactly what I needed too.

    I put this at the top of wp-blog-header.php, but it didn’t seem to make a difference. I cleared all session cookies, but going to my blog took me straight to index.php, not wp-login.php. We just went up on 2.3.2–would that matter? TIA.


    I found this plugin very useful:
    Members Only

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Intranet – force users to be logged in.’ is closed to new replies.