Forced authentication / Protect complete site

  • This feature allows you to restrict site to logged in user
  • Here, enabling restrict site to logged in user will auto redirect the user to login page if user is not already logged in
  • We also provides an option to exclude the URL from auto redirect.

How to configure?

  • You can configure this option by turning on (checking) the option “Restrict site to logged in users” in the Sign In Settings tab -> Advanced Settings
  • When you save the settings, you will be presented with this screen:
    restrict-site-to-logged-in-users
  • Here, you can also configure the URLs that you want to allow the non-logged in users to be able to see.
  • Enter these URLs on separate lines like shown above.
  • There is also a backdoor URL for administrative purposes.
  • This URL is in this format:
      <wordpress-site-url>.com/wp-login.php?oauthlogin=false

    In this Example, URL is: https://example.com/wp-login.php?oauthlogin=false

  • With this feature enabled, when a user is not logged in and tries to access the WordPress site, user will be auto redirected to the oauth provider's login page and they will see the message 'Redirecting to the default login Page'. You can change this message by doing the below settings.
    restrict-site-to-logged-in-users