-
Notifications
You must be signed in to change notification settings - Fork 63
/
readme.txt
599 lines (390 loc) · 32.3 KB
/
readme.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
=== Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products - Restrict Content, Protect WooCommerce Category, and more ===
Contributors: wpexpertsio
Tags: password, maintenance mode, password protect page, password protect, restrict content
Requires at least: 4.6
Tested up to: 6.7
Requires PHP: 5.6
Stable tag: 2.7.4
License: GPLv2 or later
Protect your WordPress site, pages, posts, WooCommerce products, and categories with single or multiple passwords.
== Description ==
[Live Demo](https://tastewp.com/new/?pre-installed-plugin-slug=password-protected)
Do you want to secure your WordPress site, to password protect pages, posts, WooCommerce categories, etc.❓ If so, then you need to install ✨**the Password Protected plugin**✨.
Password Protected is a robust password protection plugin for WordPress that empowers you to password protect posts, WordPress categories, WooCommerce products, and even WordPress login (wp-admin) page with unparalleled ease.
Additionally, you can secure the password protected screen from WordPress attacks such as a WordPress brute force attack with the limit login feature.
Therefore, the [Password Protected WordPress plugin](https://passwordprotectedwp.com/) ensures comprehensive security, covering everything from WordPress pages to WooCommerce products, all with a user-friendly interface.
== Why Do You Need to Password Protect WordPress Site? ==
With the rapidly rising number of cyber threats, having an effective WordPress security system for your website is essential.
Whether you're a blogger, a business owner, or a developer, protecting sensitive information and controlling who can access the content you have created is essential. This is where the Password Protected plugin comes in.
**For example**, imagine you're a photographer showcasing your portfolio. By using the Password Protect WordPress plugin, you can share your work securely with potential clients. Simply password protect your portfolio page, and only those with the password can view it. It's an easy way to keep your photos private until you're ready to share them publicly.
### What Makes the Password Protected Plugin Stand Out! 😎
Wouldn't you like to have WordPress password protection that gives you peace of mind and immense security for your WordPress site❓
Here are some of the features of the password protect WordPress plugin that gives so much control over your WordPress content protection while protecting your site from unauthorized access.
== ⚡ Password Protect Entire WordPress Site With These Features: ==
**✅ Complete Site Protection —💯% FREE**
Want to protect your entire WordPress site? Password Protected plugin makes it easy!
With a single master password, password protect entire WordPress site to prevent unauthorized access. Also, set how long you want to use the password, define protected permission, and much more.
**✅ Passwordless Admin Access**
As an admin, you probably don't want the hassle of entering additional passwords to access your site. Right?
Don't worry. With the Password Protected plugin, you can simplify the login process for administrators with Passwordless Admin Access. This time-saving functionality enhances efficiency and security by eliminating the need for administrators to manage passwords or risk exposure to unauthorized access attempts.
**✅ Add Google Recaptcha**
Make your password protected screen more secure by integrating Google reCaptcha. The plugin supports both Google reCAPTCHA v2 and v3.
Google reCAPTCHA prevents automated bots and spam by presenting users with challenges that only humans can solve, such as identifying objects in images or solving puzzles.
**✅ IP Address Whitelisting**
You can specify which IP addresses can access password protected content with IP Address Whitelisting.
This feature adds an extra layer of security by preventing unauthorized access from IP addresses not included on the whitelist so that only approved users can access protected content.
**✅ Specific Post/Page Protection**
Do you have premium content or sensitive information that you want to restrict access to? With the Password Protected plugin, you can easily password protect pages or posts so that only authorized users can view them. This feature allows you to offer exclusive content to subscribers or conduct private testing before publication.
Check out our guide on how to [password protect WordPress page](https://passwordprotectedwp.com/wordpress-password-protect-page/) the right way.
**✅ User Role Whitelisting**
If you are looking for simplified access control based on user roles. The User Role Whitelisting is the solution you need. By whitelisting certain user roles for your WordPress site, such as administrators, editors, or subscribers, you can ensure that authorized users can view protected content without entering a password.
**✅ WP-Admin Protection**
Password protect wp-login (WordPress admin login page) against unauthorized access. This feature adds an extra layer of security by requiring a password to access the WP-admin dashboard, giving you greater protection against unauthorized login attempts and a [WordPress brute force attack](https://passwordprotectedwp.com/wordpress-brute-force-attack/).
When you password protect WordPress login page (WP-admin area), it prevents unauthorized users from accessing sensitive site settings, user data, and administrative functions. This is particularly important for sites with multiple administrators or contributors, as it helps prevent unauthorized changes to site settings or content.
**✅ Password Attempt Activity Report (Weekly)**
Gain valuable insights into user interactions with your protected content (e.g., password protect pages, posts, etc.) through our exclusive Password Attempt Activity Report. This report will provide a comprehensive overview of login attempts, including successful and failed tries, browsers utilized, and recent activity logs. Whether using the Free or Pro version, this report enables you to track login attempts and user activity efficiently.
**✅ Custom Post Type Protection**
Extend your site's security beyond standard posts and pages. The Password Protected plugin allows you to protect any custom post type, such as portfolios or testimonials, or you can even password protect WooCommerce products. The feature is extremely useful for businesses or creatives looking to share proprietary content or restrict content access to certain areas of their site.
**✅ Category/Taxonomy Protection**
Password protect categories to take control of your site's organization and access. Using single or multiple passwords, you can lock specific WordPress categories or taxonomies, along with related post tags.
This functionality is ideal for websites with diverse content categories or membership tiers. By restricting access to certain categories, you can create exclusive areas for different user groups or offer premium/restricted content to subscribers.
**✅ Certain Page/Posts Exclusions**
Maintain flexibility in your WordPress site's accessibility by excluding specific pages, posts, and post types from password protection. Whether it's your homepage, contact page, or landing page, you can ensure that certain content remains accessible to all visitors while securing entire website content with a password.
**✅ Limit Login Attempts**
Set up a limit for login attempts to protect your WordPress password protected screen against the most common WordPress attacks, such as brute force attacks. The Password Protected [limit login attempts](https://passwordprotectedwp.com/limit-login-attempts/) feature is a proactive measure that mitigates the risk of unauthorized access and strengthens overall site security.
**✅ Password Expiration and Usage Limit**
If you want to password protect WordPress pages/posts for a certain period, set expiration dates and impose usage limits to restrict the number of times a user can use the password. This will make your site more secure and make it easier to manage user access.
**✅ Bypass URL**
Want to share password protected content with someone without sharing the password? The Bypass URL feature enables you to do just that. You can create unique URLs that remain accessible to the users without requiring a password.
**✅ Detailed Activity Logs**
Stay informed and vigilant with detailed activity logs for every password attempt. This feature provides comprehensive insights into site activity, including IP addresses, dates, times, and login statuses, so you can easily monitor and review user interactions.
**✅ Lock Screen Customization**
Make a lasting impression on visitors with a personalized and professional lock screen. With our Login Designer plugin, you can customize the appearance of your password-protected screen to align with your brand identity and aesthetics.
With options to customize the background, logo, and other elements of the lock screen, you can create a cohesive and visually appealing experience for users seeking access to your protected/restricted content.
**✅ Multiple Password Management**
Experience unmatched flexibility and control over access permissions with Multiple Password Management. You can create unlimited passwords for any lock screen. It is also easy to activate or deactivate multiple passwords for various purposes, from testing to membership management.
== 🎉 5 Key Reasons Why You Should Opt for Password Protected Pro ==
⚡ **Reason #1: Boost Your WordPress Site's Security With Ease**
Upgrade your site's security with [Password Protected Pro](https://passwordprotectedwp.com/pricing/?utm_source=wp_org&utm_medium=readme) and get comprehensive password protection.
Easily password protect WordPress website. From specific page/post protection to WP-Admin protection and user role whitelisting, Password Protected Pro empowers you to easily secure your site against unauthorized access.
With intuitive password management features like multiple password management and detailed activity logs, maintaining security protocols becomes a seamless task, allowing you to focus on your core business objectives without compromising on protection.
⚡ **Reason #2: Better User Experience and Accessibility**
Unlock unparalleled flexibility in access control with Password Protected Pro's advanced features. Whether you're offering exclusive/restricted content to subscribers or conducting private testing before publication, specific page/post protection ensures that only authorized users can access sensitive information.
Meanwhile, features like Bypass URLs and certain page/post exclusions allow you to maintain accessibility for public-facing content, striking the perfect balance between security and user experience.
⚡ **Reason #3: Gain Valuable Insights and Oversight**
Stay informed and vigilant with Password Protected Pro's weekly comprehensive activity reporting and logging capabilities. With the password attempt activity report, including detailed activity logs, you gain valuable insights into user interactions, login attempts, and site activity.
This actionable data enables you to monitor access patterns, detect potential security threats, and optimize your access control strategy accordingly.
By leveraging this insight, you can proactively enhance site security, mitigate risks, and ensure compliance with privacy regulations, fostering trust and confidence among your user base.
⚡ **Reason #4: Simplified Password Management and Administration**
Automate password management with Password Protected Pro's user-friendly interface and intuitive tools.
With features like password expiration and usage limits, limit login attempts, and passwordless admin access, you can automate routine tasks, reduce administrative overhead, and ensure a smooth user experience.
With simplified access control and administration, Password Protected Pro frees up your valuable time and resources so you can focus on your core business objectives while maintaining the highest standards of security and compliance.
⚡ **Reason #5: Easy Membership Management**
If you manage a membership site or subscription-based platform, Password Protected Pro offers the features you need to provide exclusive access to your users to maximize revenue.
With features like user role whitelisting and multiple password management, you can conveniently control access permissions for your WordPress restricted content. By simplifying [WordPress content protection](https://passwordprotectedwp.com/content-locking-in-wordpress/) and ensuring seamless access for paying members, you can enhance user experience, retain subscribers, and drive sustained revenue growth.
== 🎉 Use Cases for WordPress Password Protection ==
⚡ **Use Case #1: Offer Premium Content to Your Subscribers**
Unlock the potential of your premium content by offering exclusive access to subscribers with Password Protected plugin. You can securely share articles, e-books, podcasts, and reports while tracking password usage and preventing unauthorized sharing.
With the ability to generate multiple passwords, you can ensure that only paying subscribers enjoy your valuable content.
⚡ **Use Case #2: Give Clients Exclusive Access to Your Portfolio**
Securely showcase your portfolio to clients with Password Protected, safeguarding your work from unauthorized access. Generate unique passwords for each client, ensuring personalized access while impressing them with a custom lock screen.
With Password Protected, you can maintain confidentiality and professionalism while sharing your creative endeavors.
⚡ **Use Case #3: Keep Under Maintenance Pages Private**
Maintain confidentiality and control over your unfinished website pages with Password Protected plugin. If you are working on a new website or updating existing pages, you can password protect pages or the entire WordPress site to keep your work private.
Generate temporary passwords with limited usage, providing secure access to administrators while keeping your work private until it's ready for public viewing.
⚡ **Use Case #4: Create a Private Family Blog**
Set up a secure and private space for your family to connect and share precious moments. Post family photos, videos, stories, and updates without worrying about unauthorized access.
With the [Password Protected](https://passwordprotectedwp.com/) plugin, you can generate unique passwords for each family member and friend, ensuring that only those you trust can access your family blog.
⚡ **Use Case #5: Provide Exclusive Access to Virtual Events**
Host exclusive virtual events and password-protect your site pages/posts with Password Protected. Generate unique passwords for each participant and customize the lock screen to enhance professionalism.
By offering exclusive access to virtual events, you can increase membership and engagement while providing a secure and memorable experience for participants.
⚡ **Use Case #6: Create Member-Only WooCommerce Products**
Get more sales and customer loyalty by offering member-only WooCommerce products with Password Protected. Securely password protect WooCommerce products or categories, assigning multiple passwords for different offerings.
Whether it's special deals, discounts, or bonuses, the plugin enables you to password protect any product so you can offer those exclusive products to your valued members, driving sales and fostering a sense of exclusivity.
Check out our detailed guide on how to [password protect WooCommerce products](https://passwordprotectedwp.com/password-protect-woocommerce-products/) and [WooCommerce shop page](https://passwordprotectedwp.com/password-protect-woocommerce-shop-page/).
== Need Help? Get Expert Assistance ==
Can't figure out how to implement password protection for your WordPress site? We've got you covered around the clock.
Whether it's troubleshooting technical issues, setting up password protection, or exploring advanced features, our dedicated support team is here to assist you every step of the way.
So, don't hesitate to [reach out for prompt and reliable guidance](https://objectsws.atlassian.net/servicedesk/customer/portal/18). Contact us now to experience smooth and hassle-free service 😀.
== Documentation and support ==
👉 To learn more, check out Password Protected [Technical Documentation](https://passwordprotectedwp.com/documentation/?utm_source=wp_org&utm_medium=readme)
👉 Open a support ticket [here](https://objectsws.atlassian.net/servicedesk/customer/portal/18).
== Installation ==
To install and configure this plugin...
1. Upload or install the plugin through your WordPress admin.
2. Activate the plugin via the 'Plugins' admin menu.
3. Configure the password options in the Password Protected settings.
= Upgrading =
If you are upgrading manually via FTP rather that through the WordPress automatic upgrade link, please de-activate and re-activate the plugin to ensure the plugin upgrades correctly.
== Frequently Asked Questions ==
= Can the plugin password protect WooCommerce products? =
Yes, you can password protect WooCommerce products or entire product categories.
= Is my password protected content visible in Google search results? =
No, password protected content is not visible to search engines like Google. The plugin prevents search engines from indexing protected content so that it remains private and accessible only to those with the password.
= Does the plugin password protect specific pages or posts? =
Yes, the Password Protected plugin allows you to secure individual pages or posts. You can set passwords for specific content.
= Can I whitelist certain user roles for passwordless access? =
Yes, the User Role Whitelisting feature allows you to give open (passwordless) access to specific user roles without requiring a password.
= Does the plugin password protect wp-admin (WordPress admin login page)? =
Yes, the WP-Admin Protection feature adds an extra layer of security to the WordPress admin dashboard. It prevents unauthorized access to your wp-admin.
= What if I need to exclude certain pages or posts from password protection? =
The plugin allows you to exclude specific pages, posts, or post types from password protection, ensuring that essential content like your homepage or contact page remains accessible to all visitors.
= Does the plugin protect against brute-force attacks? =
The Limit Login Attempts feature allows you to set the number of failed login attempts, which reduces the risk of brute-force attacks and enhances your site's security.
= How can I enable feeds while the site is password protected? =
In the settings, check the 'Allow Feeds' checkbox.
= I cannot preview my changes in the Theme Customizer =
You must be an administrator (have the manage_options capability) and in the Password Protected settings, check the 'Allow Administrators' checkbox.
= How can I log out? =
Just add a "password-protected=logout" query to your URL.
eg. http://www.example.com/?password-protected=logout
= I have forgotten the password. How can I disable the plugin? =
If you go to your WordPress admin login page `/wp-login.php` and it shows the admin login fields, you should still be able to login and disable the plugin.
If the admin login screen instead shows the Password Protected field, you will need to access your site via SFTP/SSH and delete the Password Protected plugin folder in the plugins folder `wp-content/plugins/password-protected`.
= How can I get customer support? =
To contact our support team, [click here](https://passwordprotectedwp.com/contact-us/) and fill out the form with your full name, email address, the reason for contact, and details about the issue. Our support team will generally contact you within 24 hours.
= How can I translate this plugin? =
If you want to translate this plugin you can easily contribute to the [Translating WordPress](https://translate.wordpress.org/projects/wp-plugins/password-protected/) page. The stable plugin needs to be 90% translated for a language file to be available to download/update via WordPress.
== Screenshots ==
1. Enable complete sitewide protection, whitelist IP address, and allow passwordless access.
2. Exclude pages, posts, and post types from protection.
3. Enable and create a bypass URL to get password free access with that link.
4. Create and manage multiple passwords for your protected site and content.
5. Enable and password protect specific or all pages, posts, and post types.
6. Enable and select user roles that should be whitelisted.
7. Google reCaptcha v2 and v3 settings.
8. The protected screen perfectly mimics the WordPress login.
9. The protected screen with reCaptcha v3.
10. The protected screen with reCaptcha v2.
11. Password Protect your WP login/WP admin.
12. Limit password attempts to enhance your WordPress site protection.
13. Stay informed with detailed activity logs for every password attempt.
14. Gain valuable insights through our exclusive Password Attempt Activity Report.
== Changelog ==
= 2.7.4 =
- New - Added functionality to login with transient if the cookies are blocked.
- Fixed: compatibility with WordPress 6.7
= 2.7.3 =
- New - Option to view password text in the field while entering.
- Improvement - Preserve custom URL parameters on password protected screen.
= 2.7.2 =
- Fix: Updated depreciated PHP function to make it compatible with the latest PHP version.
- Added: Login designer compatibility banner.
- Improvement: Implement few UI tweaks.
= 2.7.1 =
- Fixed - Disabled activity report by default.
= 2.7 =
- New: Added Password Activity Report to provide weekly insights on access attempts to your protected sites.
- New: Added Categoric Tabs and Sub-Tabs User Interface for easy navigation and better user experience.
= 2.6.8 =
- Fix: Gutenberg compatibility issue fixed - REST API was getting blocked
= 2.6.7 =
- Security: Patched two security improvements suggested by Wordfence team.
- Fix: Updated depreciated PHP function to make it compatible with the latest PHP version.
- Compatibility: Improved compatibility with Elementor.
= 2.6.6 =
- Improvement - Added support for HTML in the above and bottom text displayed in the password screen.
= 2.6.5.1 =
- Ensured seamless compatibility with the latest WordPress version
= 2.6.5 =
- Fixed - [Login Designer](https://wp.org/plugins/login-designer) compatibility issues.
= 2.6.4 =
- Fixed - Added compatibility for PHP version 8.2
= 2.6.3.2 =
- Update - Feedback library updated
= 2.6.3.1 =
- Fix - Parse error related to PHP version 7.2
= 2.6.3 =
- New - Added Freemius SDK integration.
- New - Added functionality to login with transient if the cookies are blocked.
- Fix – Fixed Redirect Issue from excluded page to password protected page.
= 2.6.2 =
- Fix – Parse error related to PHP version 7.2
= 2.6.1 =
- Fix – Parse error related to PHP version 7.2
- Update - Link to official Google Re-captcha documentation
= 2.6.0 =
- Improved admin settings interface and introduced NEW tabs structure.
- NEW: Added Google Recaptcha v2 and v3 to make it more secure.
- NEW: Added Password Protected top-level admin menu for ease.
- NEW: Added option to add text above password Field.
- NEW: Added option to add text below password Field.
= 2.5.3 =
- Improved Settings HTML structure
- Added Note regarding compatibility with login designer within dashboard
= 2.5.2 =
- Made compatibility with [Login Designer](https://wp.org/plugins/login-designer); Now you can customize the password-protected screen with the customizer using login designer plugin.
= 2.5.1 =
- Fix - Author name conflict resolved
= 2.5 =
- Deprecate `wp_no_robots` and replace with `wp_robots_no_robots` for WordPress 5.7+
= 2.4 =
- Add a Nocache header to the login page redirect to prevent the browser from caching the redirect page. Props [De'Yonte W.](https://github.com/rxnlabs)
- Remove ‘password-protected’ query from redirects on successful login or logout.
- Check "redirect_to" query var is set in hidden form field. Props [Matthias Kittsteiner](https://wordpress.org/support/users/kittmedia/).
- Add favicon to password protected login page.
= 2.3 =
- Adds `password_protected_cookie_name` filter for the cookie name. Props [Jose Castaneda](https://github.com/jocastaneda).
- Let developers override the capability needed to see the options page via a `password_protected_options_page_capability` filter. Props [Nicola Peluchetti](https://github.com/nicoladj77).
- Don't use a "testcookie" POST query as it is blocked by Namecheap (and possibly other hosts).
- Fix warnings in W3 validator - script and style “type” attribute not required. Props [@dianamurcia](https://github.com/dianamurcia).
- Translations now via [translate.wordpress.org](https://translate.wordpress.org/projects/wp-plugins/password-protected/).
- Updated URL references. Props [Garrett Hyder](https://github.com/garretthyder).
= 2.2.5 =
- Added `password_protected_login_password_title` filter to allow customizing the "Password" label on the login form. Props [Jeremy Herve](https://github.com/jeherve).
- Fix stray "and" in readme. Props [Viktor Szépe](https://github.com/szepeviktor).
- Update Portuguese translation. Props [Jonathan Hult](https://github.com/jhult).
- Update Russian translation. Props [Alexey Chumakov](https://github.com/achumakov).
= 2.2.4 =
- Check that `$_SERVER['REMOTE_ADDR']` is set.
= 2.2.3 =
- Restrict REST-API-access only if password protection is active.
- Added viewport meta tag to login page.
- Added `password_protected_show_login` filter.
- Cookie name is not editable in the admin so display just for reference.
- Use default WordPress text domain for “Remember Me” and “Log In” buttons.
= 2.2.2 =
- Change locked admin bar icon to green.
- Fix REST option and always allow access to REST API for logged in users.
= 2.2.1 =
* Fixed PHP error when calculating cookie expiration date.
= 2.2 =
* Added admin bar icon to indicate wether password protection is enabled/disabled.
* Option to show "Remember me" checkbox. Props [Christian Güdel](https://github.com/cguedel).
* REST API access disabled if password not entered.
* Admin option to allow REST API access.
* More robust checking of password hashes.
= 2.1 =
* Update caching notes for WP Engine and W3 Total Cache plugin.
* Tested up to WordPress 4.8
= 2.0.3 =
* Declare methods as public or private and use PHP5 constructors.
* Show user's IP address beside "Allow IP Addresses" admin setting.
* Add CHANGELOG.md and README.md
= 2.0.2 =
* Check allowed IP addresses are valid when saving.
* Only redirect to [allowed domain names](https://codex.wordpress.org/Plugin_API/Filter_Reference/allowed_redirect_hosts) when logging out.
= 2.0.1 =
* Split logout functionality into separate function.
* Security fix: Use a more complex password hash for cookie key. Props Marcin Bury, [Securitum](http://securitum.pl).
= 2.0 =
* Added [password_protected_logout_link](https://github.com/benhuson/password-protected/wiki/password_protected_logout_link-Shortcode) shortcode.
* Load 'password-protected-login.css' in theme folder if it exists.
* Added [password_protected_stylesheet_file](https://github.com/benhuson/password-protected/wiki/password_protected_stylesheet_file) filter to specify alternate stylesheet location.
* Added is_user_logged_in(), login_url(), logout_url() and logout_link() methods.
* Added Basque, Czech, Greek, Lithuanian and Norwegian translations.
* Better handling of login/out redirects when protection is not active on home page.
= 1.9 =
* Fixed "Allow Users" functionality with is_user_logged_in(). Props PatRaven.
* Added option for allowed IP addresses which can bypass the password protection.
* Added 'password_protected_is_active' filter.
= 1.8 =
* Support for adding "password-protected-login.php" in theme directory.
* Allow filtering of the 'redirect to' URL via the 'password_protected_login_redirect_url' filter.
* Added 'password_protected_login_messages' action to output errors and messages in template.
* Updated translations.
* Use current_time( 'timestamp' ) instead of time() to take into account site timezone.
* Check login earlier in the template_redirect action.
= 1.7.2 =
* Fix always allow access to robots.txt.
* Added 'password_protected_login_redirect' filter.
* Updated translations.
= 1.7.1 =
* Fix login template compatibility for WordPress 3.9
= 1.7 =
* Remove JavaScript that disables admin RSS checkbox.
* Added 'password_protected_theme_file' filter to allow custom login templates.
* Add option to allow logged in users.
= 1.6.2 =
* Set login page not to index if privacy setting is on.
* Allow redirection to a different URL when logging out using 'redirect_to' query and full URL.
= 1.6.1 =
* Language updates by wp-translations.org (Arabic, Dutch, French, Persian, Russian).
= 1.6 =
* Robots.txt is now always accessible.
* Added support for Uber Login Logo plugin.
= 1.5 =
* Added note about WP Engine compatibility to readme.txt
* Requires WordPress 3.1+
* Settings now have their own page.
* Fixed an open redirect vulnerability. Props Chris Campbell.
= 1.4 =
* Add option to allow administrators to use the site without logging in.
* Use DONOTCACHEPAGE to try to prevent some caching issues.
* Added a contextual help tab for WordPress 3.3+.
* Updated login screen styling for WordPress 3.5 compatibility.
* Options are now on the 'Reading' settings page in WordPress 3.5
= 1.3 =
* Added checkbox to allow access to feeds when protection is enabled.
* Prepare for WordPress 3.5 Settings API changes.
* Added 'password_protected_before_login_form' and 'password_protected_after_login_form' actions.
* Added 'password_protected_process_login' filter to make it possible to extend login functionality.
* Now possible to use 'pre_update_option_password_protected_password' filter to use password before it is encrypted and saved.
* Ready for [translations](http://codex.wordpress.org/I18n_for_WordPress_Developers).
= 1.2.2 =
* Show login error messages.
* Escape 'redirect_to' attribute. Props A. Alagha.
= 1.2.1 =
* Added a "How to log out?" FAQ.
* Only disable feeds when protection is active.
= 1.2 =
* Use cookies instead of sessions.
= 1.1 =
* Encrypt passwords in database.
= 1.0 =
* First Release. If you spot any bugs or issues please [log them here](https://github.com/benhuson/password-protected/issues).
== Upgrade Notice ==
= 2.5.1 =
Author name conflict resolved
= 2.5 =
Fixes robots tag for WordPress 5.7+
= 2.4 =
Fixes to help with caching issues and favicon on login page.
= 2.3 =
Fixed an issue with "testcookie" on some hosts. Added `password_protected_cookie_name` and `password_protected_options_page_capability` filters.
= 2.2.5 =
Added `password_protected_login_password_title` filter to allow customizing the "Password" label on the login form.
= 2.2.4 =
Check that `$_SERVER['REMOTE_ADDR']` is set.
= 2.2.3 =
Restrict REST-API-access only if password protection is active. Added viewport meta tag to login page.
= 2.2.2 =
Fix REST option and always allow access to REST API for logged in users. Change locked admin bar icon to green.
= 2.2.1 =
Fixed PHP error when calculating cookie expiration date.
= 2.2 =
Added admin bar icon to indicate wether password protection is enabled/disabled and disable REST API access (admin option to allow).
= 2.1 =
Update caching notes for WP Engine and W3 Total Cache plugin.
= 2.0.3 =
Show user's IP address beside "Allow IP Addresses" admin setting. Declare methods as public or private and use PHP5 constructors.
= 2.0.2 =
Only redirect to [allowed domain names](https://codex.wordpress.org/Plugin_API/Filter_Reference/allowed_redirect_hosts) when logging out.
= 2.0.1 =
Security fix: Use a more complex password hash for cookie key.
= 2.0 =
Added 'password_protected_logout_link' shortcode and use 'password-protected-login.css' in theme folder if it exists.
= 1.9 =
Fixed "Allow Users" functionality and added option to allowed IP addresses which can bypass the password protection.
= 1.8 =
Support for adding "password-protected-login.php" in theme directory and allow filtering of the 'redirect to' URL via the 'password_protected_login_redirect_url' filter.
= 1.7.2 =
Added 'password_protected_login_redirect' filter.
= 1.7.1 =
Fix login template compatibility for WordPress 3.9
= 1.7 =
Added 'password_protected_theme_file' filter and option to allow logged in users.
= 1.6.2 =
Allow redirection to a different URL when logging out.
= 1.6 =
Added support for Uber Login Logo plugin.
= 1.5 =
Fixes an open redirect vulnerability. Settings now have own page.
= 1.4 =
Administrators can use the site without logging in. WordPress 3.5 compatible.
= 1.3 =
Allow access to feeds. Ready for translation.
= 1.2 =
Use cookies instead of sessions.
= 1.1 =
Passwords saved encrypted.