Using WordPress for Simple Websites – Admin Access Plugin

Rational

When using WordPress as a CMS, and creating simple websites for clients, one of the concerns is to allow administrative access to us as developers, while at the same time preventing any such access to visitors.

One solution is a plugin which accomplishes two things:

• When not logged in, it prevents any and all access to the admin area, or any related URLs .. such as /wp-login.php etc.
• It provides a shortcode that can be added to a sign-in page, to allow logging in from the front-end.

The “Limit wp-admin access” WordPress plugin by DrMagu accomplishes both these things.

Installing

The plugin is available on WordPress.org and can be installed directly from the WordPress back-end.  The plugin is also available for download here.  After download, unzip the file.  Change the folder name to delete the stuff added by GitHub (e.g. -v1.0.5) and move the limit-admin-access-login folder to your plugin directory (wp-content/plugins).  You should be able to activate the plugin from your dashboard.

Using the Plugin

WARNING: When the plugin is activated, access to the normal login for WordPress is disabled.  To allow login access, create a page, for example “Sign In”, and add the shortcode [login_form].

Structure the menu system, so that this page does not appear in the main navigation menu.  For extra security, you can make the page private and protect it with a password.

The Sign In page can be accessed by directly referring to its URL.  With the permalink structure we use for WP websites, this would be http://www.myWPsite.com/sign-in

For any support, just add comments to this post.