Support » Fixing WordPress » Security of Password Protected pages

  • Check out the site at

    There are two password protected pages that seem to work well. However, we had a person say they were able to view these pages without a password. How is this possible, and is there anything we can do to better password protect a page without having a user account?

Viewing 6 replies - 1 through 6 (of 6 total)
  • “resources” and “training modules”
    can not view – password protected

    did the person previously view the page with a password? maybe still had a cookie stored?

    Exactly right. The site is only a couple of weeks old… Our network administrator who first heard about it because of a separate issue is the one who got in, and did it infront of the site administrator. He is using the latest safari and OS X server 10.6.8 (if that has anything to do with it).

    We did a bunch of browser shots, and they all came back showing the password form.

    We, like most ed institutions in our state, are behind a pretty thorny firewall, but our site is on GoDaddy.

    Are you using a plugin to password protect the pages?

    No – the built in function… Found when you quick edit a page. What is behind the password is not confidential, but proprietary… So I get that it is less secure than using accounts, we just need to keep out the critters.

    Is there a way in which a visitor (identified by an email address) can apply for a password to access private pages. If approved we issue a unique password to them.

    If people register on your blog, they will be able to access your private pages.

Viewing 6 replies - 1 through 6 (of 6 total)
  • The topic ‘Security of Password Protected pages’ is closed to new replies.