WordPress For Non-Techies: Free WordPress Tutorials – WPCompendium.org

How To Protect Content In WordPress

For a white label version of this tutorial visit WPTrainingManual.com.

How To Protect Your Content In WordPress

In this tutorial, you will learn how to create private and password-protected posts and pages on your site using built-in content protection methods in WordPress and other ways to protect your content and download files using WordPress plugins.

Go through this tutorial to learn how to restrict content to certain users and/or make your content inaccessible to your WordPress site visitors.

We also recommend completing the following tutorial to learn more about adding, protecting, and managing downloadable files In WordPress: How To Add Downloadable Files In WordPress

How To Prevent General Site Visitors From Viewing Content On Your WordPress Posts And Pages

There are several ways to prevent site visitors and unauthorized users from accessing some or all of your site’s content.

Some of the more common reasons for protecting content on your posts and pages include:

Let’s go through some of the ways you can protect content on your WordPress site:

WordPress Content Protection Method #1: Deep-Nested Content

This method is more about ‘hiding’ your files inside a deep-nested post or page than actually protecting them from unauthorized users.

Essentially, it’s a useful method for sharing unprotected content or downloadable files where it wouldn’t really matter if some visitors were to occasionally come across it on your site.

For example, let’s say that your goal is to get visitors to subscribe to your newsletter but you don’t have any exclusive content to entice them to sign up–at least nothing that requires setting up some high-level form of protection. An example of this could be sending subscribers to a page with embedded YouTube videos, audio files, or a report or downloadable resource that is available online for free (e.g. from a Government department).

This content doesn’t need high-level protection. Let’s just make it hard to find.

In this case, all you need to do is add your content somewhere on your site that’s not easily found.

Here are the steps you can take to do this:

  1. Add your content or downloadable file to an unprotected ‘thank-you’ page,
  2. Make your ‘thank-you’ page a sub-page (or sub-sub-page) of another page,
  3. Change the post slug/page URL to something meaningless (or something that will only make sense to you), and
  4. Hide the post from your navigation menus and site map.

Here are some examples of thank-you page URLs you could create to hide your unprotected content or download file:

Add your unprotected content to a deep-nested page.

Now, just set up your opt-in form and direct your new subscribers to your deep-nested and hard-to-find ‘thank-you’ page.

Use this method to get more subscribers without offering content that requires high-level protection.

Another example of using this method is if you make a presentation (e.g. at a business networking event) and want to make your presentation slides or notes available to event participants and get them to subscribe to your lead generation list so you can follow them up after your presentation. It wouldn’t really matter if someone who did not attend the event came across these slides or notes on your site.

An appropriate method in this instance would be to add your notes to a deep-nested page, hide it from your site’s navigation menus and sitemap, and share the URL with event attendees only.

WordPress Content Protection Method #2: Password-Protecting Posts And Pages

Let’s suppose now that, unlike the previous method, you do have content that needs to be protected from general access, but still doesn’t require investing time and money into setting up a high-level form of protection.

WordPress lets you easily create password-protected posts and pages so that only people with the correct password can view the content on a specific post or page.

To password-protect a post or page, do the following:

Log into your WordPress site, and find the post or page you want to password-protect.

Bring up your Table of Posts or table of Pages and find the post or page you want to password-protect.

If you have already created the post or page, then you don’t need to open your file. Just click on the Quick Edit link below the post or page you want to password-protect.

Click on the Quick Edit menu link.

This will expand the in-line editor.

Quick Edit screen.

Enter a password into the ‘Password’ field.

Add your password in the Quick Edit screen.

Click Update when finished to save your changes.

Update your post settings.

Your post status will change to Password protected.

Your post is now password-protected.

To see how your password-protected post will look to your site visitors, hover over your post title and click on the View link.

Click View to preview your post as your visitors will see it.

As you can see, the entire post is now password-protected. Only users with access to the password can unlock the post (or page) and view its content.

This post is password-protected.

With a password-protected post or Page, WordPress will:

Additionally, WordPress does not display your post excerpt when the content is password-protected. This includes your blog page, widgets, RSS feed, and any other locations that use post excerpts.

Excerpts do not show for password-protected posts.

You can also password-protect a post or page while you are working on the content by creating or editing the post or page and clicking on Publish > Visibility > Edit.

Publish box – Visibility: Public – Edit link.

In the expanded Edit section, select ‘Password protected’, enter your password in the Password: field, and click OK.

Add your password and click OK.

Click Update to save your changes.

Update your post settings.

Your post or page is now password-protected.

This post is password-protected.

Additional Information On Password-Protected Posts

WordPress Content Protection Method #3: Make Your Post Or Page Private

By default, when you make a post or page private, only logged-in users assigned the role of Administrator or Editor can view a private post or page on your site. When anyone else tries to access a post or page marked private, they will not be able to see it.

Private pages do not display to site visitors.

To make a WordPress Post or Page private:

Log into your WordPress site, go to your Posts (or Pages) screen, find the Post (or Page) that you want to make private, hover over the post or page title, and click on the Quick Edit link.

Click on the Quick Edit menu link.

This will expand the inline editor.

The Quick Edit screen.

Tick the Private checkbox.

Tick the Private checkbox.

Remember to click Update to save your changes.

Update your post settings.

To make a post or page private when creating or editing a post or page, click on Publish > Visibility > Edit then select the Private option and click OK.

Select the Private option and click OK.

Remember to click Update to save your changes when finished.

Click Update to save your post settings.

Your Post (or Page) status will now display as Private and be added to the Post or Page menu. Only logged-in Administrators and Editors will be able to see it.

Only logged-in Administrators and Editors can see your private post.

Additional Ways To Protect Your Content

Password-protecting a Post or Page using the WordPress password-protect feature offers some level of content protection, but it also has the following limitations:

1) All users share the same password

If you want each user to have his or her own password, then you will need to set up your site so that only registered users are allowed to view your content. This can be easily done using plugins that turn your WordPress site into a membership or eCommerce site (see below).

2) All content on the Post or Page is protected.

When you password-protect content on WordPress using the native WordPress function, everything on your Post or Page is protected. Many membership plugins will let you password-protect or restrict only sections of your content to logged-in or registered users, leaving the rest of the content on that post or page available to general users. This is useful if you want to display “teaser” content to entice visitors to subscribe or purchase access to the full content.

So, in addition to the built-in features that WordPress makes available for password-protecting your content and creating private posts and pages, you can also use methods that rely on using plugins to protect and restrict your content.

WordPress Content Protection Method #4: Use A Membership Plugin

One way to overcome the limitations of using WordPress’ default password-protection features is to use Membership plugins.

Use membership site plugins to create unique user password-protected logins.

Membership plugins:

To learn more about setting up membership sites in WordPress, see the tutorial below: How To Set Up A Membership Site In WordPress

WordPress Content Protection Method #5: Use A Partial Content Protection Plugin

There are plugins you can install on your WordPress site that let you provide ‘partial-content’ protection to users using shortcodes.

This allows you to make some or most of the content on a Page or Post visible to online users while protecting information that only users with special access can view or access.

Contact us if you need help protecting specific content on your site.

WordPress Content Protection Method #6: Use A Content Lock Plugin

Some content locking plugins combine partial content protection with social media sharing and list-building capabilities. This can help drive viral traffic to your WordPress site and add subscribers to your business.

Thank you! Download your special report below …

Click here to download the report

You can partially protect content using plugins like Social Locker (a premium WordPress plugin) that will “unlock” your content when someone performs a social sharing action like clicking a Facebook “Like” button or sharing your page or video on Twitter, for example.

Social Locker – WordPress social sharing and content locking plugin.

Social Locker allows you to offer something of value for free to your visitors (e.g. a valuable tip, special report, a discount voucher, etc …) on your site. Your special content is hidden or “locked away” in your post and can only be unlocked when your visitor performs a desired action to get the free content such as liking you on Facebook or posting a tweet about your site on Twitter. This action helps drive free traffic to your site … virally!

WordPress Content Protection Method #7: Use An e-Commerce Plugin Or Solution

If you use or plan to use WordPress for e-commerce, most plugins will have built-in content protection features as part of their solution or service.

WordPress eCommerce plugins offer many built-in content protection features.

To learn more about using WordPress with e-commerce, go here: WordPress e-Commerce

Protecting Your Content From Being Copied Or Stolen

It’s practically impossible to prevent people from stealing content that is visible on your site (e.g. text and images). The web was designed to share content online. The plugins presented below will simply prevent those who really can’t be bothered to dig deeper into the source code of your pages.

In addition to locking and hiding content, there are also plugins that try to prevent other people from copying/stealing your content.

For example, a Free WordPress plugin like WP Content Copy Protection prevents people from selecting and copying text on your site or right-clicking on your images and saving them to their own hard drives by disabling the right-clicking and text selection function on your site.

WP Content Copy Protection Pro – WordPress plugin.

Protecting Your Images

If you are worried about people stealing your images, there are a few options you can look at implementing.

One option is to add a watermark to your images using a Free WordPress plugin like Image Watermark.

Image Watermark – WordPress plugin.

This plugin lets you add a watermark letting people know who the original owner or creator of the image is and tracing the image back to the originating domain.

A Watermarked image can help protect your images from being stolen.

Another preventative measure you can take to stop people clicking on your images and saving them to their computer is to use a plugin like No Right Click Images.

No Right Click Images Plugin.

This plugin disables the context menu on images only allowing other right-click actions, such as links, to work normally on your site.

For additional information on ways to prevent content theft on your WordPress site, see this tutorial: How To Prevent Content Theft In WordPress

Content Protection – Additional Tips And Information

Tip #1 – If, for whatever reason, you find yourself changing the visibility settings of most of your Posts or Pages to “private”, then install and activate the Private Post By Default WordPress Plugin.

This plugin automatically sets all the Posts and Pages you create to “private” by default. All you have to do is change the visibility settings of any Posts or Pages that you want to make visible on your site back to “Public”.

Tip #2 – As explained earlier in this tutorial, private posts are only visible by default to users on your site that have been assigned the role of Administrators or Editors.

But…what if you want to allow users who are not Administrators or Editors to view private Posts or Pages on your site?

For example, let’s say that you run a business consultancy firm and you want your consultants to be able to distribute reports privately to clients through your site, or your children’s school wants to post class assignments privately to students online through their school blog.

One option would be to make everyone who needs to have access to private Posts or Pages on your site into an “Editor”. This is not a very good option, however, as they would then be able to modify your content.

Fortunately, there is an excellent free WordPress plugin called User Role Editor that lets you change the capabilities of any standard WordPress user role (to learn more about user roles, see this tutorial: How To Manage WordPress Users).

User Role Editor – WordPress plugin.

This plugin lets you assign the same capabilities for reading private posts and pages that ‘Editors’ have to users in roles with fewer permissions (e.g. ‘Subscriber’).

User Role Editor plugin screen.

With this plugin installed, you can also give users like ‘Subscribers’ and ‘Contributors’  access to private posts and pages on your site without allowing them to modify their content.

In addition to the above methods, there are other options for protecting content on your site, but these options typically involve editing code on your site or server and are beyond the scope of these tutorials.

Learn how to protect your content in WordPress.

Congratulations! Now you know how to protect content on your WordPress site.


"I was absolutely amazed at the scope and breadth of these tutorials! The most in-depth training I have ever received on any subject!" - Myke O'Neill, DailyGreenPost.com


We are not affiliated, associated, sponsored, or endorsed by WordPress or its parent company Automattic. This site contains affiliate links to products. We may receive a commission for purchases made through these links.

For a white label version of this tutorial visit WPTrainingManual.com.