Keep non-wordpress files protected by login

  • michele.fog

    (@michelefog)


    11 years, 4 months ago

    I am using WordPress for its user database because I created a website with static html files that couldn’t be available for the world to see. Basically, you get to the WordPress sign in page and then once you have clicked “log in”, it links you to an html file that is hosted in the same directory as the WordPress files.

    The problem is that the html files are not protected by the WordPress password because if you type in the entire link (ex: mywebsite.com/not-protected-page.html), you can get onto the page.

    Is there some way of making it impossible to get to these html pages without passing by the WordPress Sign-in page?

Viewing 1 replies (of 1 total)
  • Ronald Huereca

    (@ronalfy)

    11 years, 4 months ago

    I can’t think of any “easy” way to basically inject a WordPress admin schema into your non-WordPress files, but you could place your html file in a password protected directory and give users the password on the page that you’re linking to the html file.

    However, users can easily share the password to non-logged-in-members, but they can do the same with their WordPress user/pass anyways.

    Assuming you are on apache, you can just use an .htaccess and .htpasswd file.

    Let’s assume you’re WordPress install is here: /

    Place your protected HTML file here: /html/{files go here}

    Generate an .htpasswd file and place in /html/.htpasswd: http://www.htaccesstools.com/htpasswd-generator/

    Then create an .htaccess file that points to the .htpasswd: http://www.htaccesstools.com/htaccess-authentication/

    So your password directory would look like this:

    /html/{files}
    /html/.htaccess
    /html/.htpasswd

Viewing 1 replies (of 1 total)

The topic ‘Keep non-wordpress files protected by login’ is closed to new replies.