Support » Plugin: Absolute Privacy » [Plugin: Absolute Privacy] Absolute privacy enables login without password

Viewing 4 replies - 1 through 4 (of 4 total)
  • Same issue here. EVERY site I’m using this plugin is now broken. HUGE problem. Now I have to find another lockdown solution. Bummer, because I like this plugin. Any recommendations?

    esmi

    (@esmi)

    Forum Moderator

    if you have admin as a username

    You shouldn’t be using admin as user name – precisely because many sites are.

    I’m not using admin as a username. The plugin is broken and it will be forever as the author is no longer supporting the plugin. Read more on his blog:

    http://www.johnkolbert.com/site-news/the-official-goodbye/

    However, I found if you simply want a full lockdown on your site and to redirect all users to the login page, you must make sure this plugin is completely deactivated or not installed at all and simply add this code to the header of your active theme.

    <?php
    /*
    Checks to see if the visitor is logged in. If not,
    they are redirected to the login page.
    */
    if ( !is_user_logged_in() ) {
        auth_redirect();
    }
    ?>

    This is only useful if you want no pages visible to unauthorized users. There are other Members-only plugins that give you more granular control on a per page/post basis. I, however, was looking for full lockdown, like an extranet might be.

    Plugin Author Eric Mann

    (@ericmann)

    The plugin has been patched as of version 2.0.6 to fix this vulnerability.

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[Plugin: Absolute Privacy] Absolute privacy enables login without password’ is closed to new replies.