There is no single plugin for the “secure” feature, just as (alas) there’s not a plugin for people to add a “happy” feature.
Security and WordPress is incredibly complex; out of the box WP is quite secure. If you want to tighten it more, start by studying the Hardening WordPress page.
If you want to shield off pages / posts based on access privileges (say, you create a separate “members” user group that can access those) you may want to think about User Access Manager.
Security, as I started out saying, is complex: you have to juggle and occasionally struggle to combine these three sometimes opposing factors: usability/functionality, performance, and security.
If what you want is to ensure that people can log in from unsafe places (say, open/unprotected WiFi networks) without sending the sensitive login information over open air, consider the Semisecure Login Reimagined plugin. However, please realize that the content of the page/post itself (e.g. sensitive data listings) will not be shielded from snooping eyes. That requires at least using SSL and that’s not as easy as it seems, even though the fantastic WordPress HTTPS plugin makes it a lot easier. You still need access to a valid SSL certificate and (ideally) a static IP for that.
Just remember: security is not something you switch on by adding a simple plugin.
Thanks…what I am trying to do is shield off a section of the site and allow member only access. So I will go check out the User Access Manage, sounds exactly right.
This site is a secondary one, for a journal, and the idea is to provide subscribers access to our database of printed issues (over 100 years of content and only 20+ years are digital, long term project). Our main website is within a university (also WP but template is paid for and hosted by the school) and they don’t allow non-affiliates access. You need a school login. So I had to create a second site (on a commercial server outside of the university) which will be linked to the first site. The second site is supposed to function as a subscriber only archives/database and I want certain pages (the archives themselves which have been uploaded to the site) secure from non-subscribers. Both sites are place holders until the university is willing to pay for the real deal (SSL, etc.). That might be a couple of years. So…I am learning as I go. I will begin with the User Access Manager and perhaps work my way to the https feature.
Appreciate the information….
Since you mentioned a university, they often have a restrictive email address policy; i.e. if you want to tighten registration (new signups) for your site as restricted to only those with a given university email address domain – say, email@example.com – you might want to look into a plugin that does that, for added security. The downside of course is that someone with a different email address will be SOL.
that’s exactly what i don’t want to do. i had to create the second site because non-univ people (which = 90% of our users) can’t login on our main site because they do not have univ. emails. just about everyone has that different email address. i want to create/allow members based on their status as subscriber to the journal and not necessarily affiliated with the school. but i might want to add that feature for staff.
Have you had a look at some of the content restriction plugins?
- The topic ‘secure login’ is closed to new replies.