Protected Pages Not Working in IE, Chrome, and Safari (4 posts)

  1. web-girl
    Posted 3 years ago #

    On a client site, I've set up three password protected pages using the default WordPress behavior. They all have the same password and were working fine in all browsers. I tested them in IE, Safari, and Firefox.

    I also changed wp-pass.php's code to make the password only save for a minute:

    // 10 days
    setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 60, COOKIEPATH);

    Now they're only working in Firefox. When a user enters the password in one of the other browsers, the page refreshes, keeping the user on the password entry page and not taking them to the actual protected page.

    I read some other posts on this. I tried clearing my cache, cookies, and restarting my computer. The website's URL is the same under General Settings (does not have a www, but no pages on the site use www).

    It's still only working in Firefox, and it's strange because it used to work in all the browsers.

  2. esmi
    Forum Moderator
    Posted 3 years ago #

    I also changed wp-pass.php's code

    No! Never, ever, edit WordPress core scripts. And do not encourage others to do so. Editing core scripts can bring down your entire site and/or open security holes for hackers to use. re-upload a fresh copy of wp-pass.php

  3. web-girl
    Posted 3 years ago #

    Thanks, that fixed it when I restored the file. However, won't someone who enters the password on a public computer have it saved? There's no way to log out and the timeout is 864000.

  4. esmi
    Forum Moderator
    Posted 3 years ago #

    A public computer should never cache anything or store cookies. Nevertheless,try adding this to your theme's functions.php file:

    add_action( 'wp', 'post_password_immediately_expires' );
    function post_password_immediately_expires() {
        if ( isset( $_COOKIE['wp-postpass_' . COOKIEHASH] ) )
            setcookie('wp-postpass_' . COOKIEHASH, '', time() - 31536000,

    Change the numeric value to suit your needs. For example, if you set it to zero, the cookie will become session only.

Topic Closed

This topic has been closed to new replies.

About this Topic