Support » Plugins » Snippet to add 401 Not Authorized status

  • If you place the following at the top of your 404 template, you can alter the body output to be either 404 Not Found or 401 Not Authorized according to the value of $PRIVATE. This is very useful for those using WP as a CMS with users that are not too attentive to their login status. Note that this could be considered a very small security risk since you are allowing for confirmation of the existence of URIs that would otherwise remain obscured.

    global $wp;
    $post = get_page_by_path($wp->request, 'OBJECT', 'page');
    if( ! $post ){
      #by_path is broken for posts, depth count fails if full path is given
      $tmp = $wp->query_vars;
      $post = get_page_by_path($tmp['name'], 'OBJECT', 'post');
    if( $post->post_status == 'private' ){
      add_filter('wp_title', 'my_401_tweak', 10, 3);
      function my_401_tweak($title){
        return preg_replace('/404 Not Found/', "401 Not Authorized", $title);
      header("HTTP/1.1 401 Not Authorized");
      $PRIVATE = 1;
  • The topic ‘Snippet to add 401 Not Authorized status’ is closed to new replies.