This tutorial was created using an earlier version of WordPress. To be notified of content updates, subscribe to our updates list (see sidebar), or Like our Facebook page.
Depending on your content strategy, you can make content inaccessible to users on your WordPress site.
There are a number of ways to prevent site visitors and unauthorized users from accessing content on your site or viewing all or some of your posts and pages, while also giving access to the content to others.
In this tutorial, you will learn how to use WordPress content protection features and other options and methods that use WordPress plugins to protect content and download files.
To learn more about adding, protecting, and managing downloadable files In WordPress, see the tutorial below:
Protecting Your Content In WordPress Posts And Pages
Complete the step-by-step tutorial below to learn more about creating private and password-protected posts and pages using the WordPress built-in content protection methods.
How To Prevent General Site Visitors From Viewing Content On Your WordPress Posts And Pages
Some of the more common reasons for protecting content on your site include:
- You would like to provide information to users only after they have made a purchase on your site (e.g. downloadable info products)
- You want to provide information only to certain groups of people (e.g. wholesale price lists and trade catalogs, confidential forms and business documents, updated members lists or databases, private company data, etc…)
- You want to start a private membership site where members must register first before they can view or access your content
- You would like to offer discount coupons or “how to” information that can only be unlocked or revealed to users with a special password, or after performing a specific action (e.g. sharing your post with others on social networks)
- And so on …
There are a number of ways to protect content on your posts and pages from being accessed by site visitors or unauthorized users.
WordPress Content Protection Method #1: Deep-Nested Content
This method is more about ‘hiding’ your file inside a deep-nested post or page than actually ‘protecting’ it from unauthorized users.
Essentially, this method involves the following steps:
- Add your download file to a ‘thank-you’ page,
- Make the page a sub page of another page,
- Change the post URL to something meaningless (or something that will only makes sense to you), and
- Hide the post from your navigation menus and site map.
So, for example, the URL of the thank-you page containing your download file could be something like:
This method should only be used for files or content that wouldn’t matter too much if someone who was not an intended target users were to find it.
For example, let’s say you present at a business networking event and decide to make the presentation slides or notes available to event attendees after the event. It wouldn’t really matter if someone who did not attend the event came across your download file. Using a deep-nested page, hiding it from your site’s navigation menus and sitemap, and sharing the URL only with event attendees, then, would be an appropriate method to use in this instance.
WordPress Content Protection Method #2: Password-Protecting Posts And Pages
WordPress lets you easily create a password-protected post or page, so that only those people with the correct password can view the content on that specific post or page.
To password-protect a post or page, log into your WordPress site, then find the post or page you want to password-protect …
If you have already created the post or page, then you don’t need to open your file. Just click on the Quick Edit link below the post or page you want to password-protect …
This will expand the in-line editor …
Enter a password into the ‘Password’ field …
Click Update when finished to save your changes …
To see how your password-protected post will look to your site visitors, click on Preview …
As you can see, the entire post is now password-protected. Only users with access to the password can unlock the post or page and view your content …
WordPress displays the word “Protected” to site visitors before the title of your password-protected Post or Page, and a password form asking users to enter the password to access the content.
Additionally, WordPress will not display your post excerpt when the content is password-protected …
You can also password-protect a post or page while you are working on the content by clicking on Publish > Visibility > Edit …
Select ‘Password protected’, enter your password in the Password: field and click OK…
Click Update to save your changes …
Your post or page is now password-protected …
Additional Information On Password-Protected Posts
- Only an Administrator, Editor, or the post’s Author can change a post’s password or visibility setting. To access the “Visibility: Edit” link, go to your Posts or Pages screen, find the Post or Page you want to edit and click on the Quick Edit link. (Tip: Use this method if you ever forget a Post or Page password).
- When password-protecting many Posts or Pages, WordPress will store your password in a browser cookie so your site visitors don’t have to re-enter passwords if they visit the same page a number of times. Also, if you add the same password to multiple Posts, the user will only have to enter the password once to access every post, except if two or more posts use different passwords. Because WordPress only tracks one password at a time, if two or more posts use different passwords, users will have to re-enter the password if they visit a Post that requires a different password to access the content, and then they try to revisit the previous post.
- You can change the password of your password-protected posts or pages as often as you need to. This can be useful in situations where you don’t want people who have had previous access to the content to access the content again. For example, if you offer new discount coupons each week, if you reward a new subscriber every now and then with a different product or download, etc …
WordPress Content Protection Method #3: Make Your Post Or Page Private
By default, when you make a post or page private, only logged-in users assigned the role of Administrator or Editor can view a private post or page on your site. When anyone else tries to access a post or page marked private, they will not be able to see it …
To make a WordPress Post or Page private, log into your WordPress site, go to your Posts (or Pages) section, find the Post (or Page) that you want to make private and click on the Quick Edit link …
This will expand the inline editor …
Tick the Private checkbox …
Remember to click Update to save your changes …
If you are adding a new post or editing your post content, you can make the post private by clicking on Publish > Visibility > Edit then selecting Private and clicking OK…
Remember to click Update to save your changes when finished …
Your Post or Page is now private and can only be found by your logged-in Administrators and Editors …
Additional Ways To Protect Your Content
WordPress Content Protection Method #4: Use A Membership Plugin
Password-protecting a Post or Page using the WordPress password-protect feature offers some level of content protection, but it also has the following limitations:
1) All users share the same password
If you want each user to have his or her own password, then you will need to set up your site so that only registered users are allowed to view your content. This can be easily done using plugins that turn your WordPress site into a “membership” site.
To learn more about setting up membership sites in WordPress, see the tutorial below:
2) All content on the Post or Page is protected.
When you password-protect content on WordPress using the native WordPress function, everything on your Post or Page is protected.
WordPress Content Protection Method #5: Use A Partial Content Protection Plugin
If you want to make some or most of the content on a Page or Post visible to everyone while protecting some part of it so that only those with special access can view it, there are plugins that you can install on your WordPress site that allow you to provide “partial-content” protection to site visitors.
The Password Protect plugin can also be used to hide information inside other shortcodes, such as video embeds and file download links.
WordPress Content Protection Method #6: Use A Content Lock Plugin
You can partially protect content with plugins like WP Share To Unlock (Free plugin) that will “unlock” the content when someone performs a social sharing action (like clicking a Facebook “like” button, or sharing your page or video on Twitter, for example. Some plugins that unlock content can even help you build your subscriber list!) …
Another great content locking plugin that combines partial content protection with viral social media sharing capabilities is Social Locker – a versatile content locking premium WordPress plugin designed to help drive viral traffic to your WordPress site quickly and easily …
Thank you! Download your special report below …
Social Locker allows you to offer something of value for free to your visitors (e.g. a valuable tip, special report, a discount voucher, etc …) on your site. Your special content is hidden or “locked away” in your post and can only be unlocked when your visitor performs a desired action to get the free content such as liking you on Facebook, or posting a tweet about your site on Twitter or +1 on Google +. This action then helps to drive free traffic to your site … virally!
WordPress Content Protection Method #7: Use An e-Commerce Plugin Or Solution
If you use WordPress for e-commerce, most plugins, solutions, and services will have built-in content protection features.
To learn more about using WordPress with e-commerce, go here:
Protecting Your Content From Being Copied Or Stolen
Note: It’s practically impossible to prevent people from stealing content that is visible on your site (e.g. text and images). The web was designed to share content online. The plugins presented below will simply prevent those who really can’t be bothered to dig deeper into the source code of your pages.
In addition to locking and hiding content, there are also plugins that try to prevent other people from copying / stealing your content.
For example, a Free WordPress plugin like WP Content Copy Protection prevents people from selecting and copying text on your site or right-clicking on your images and saving them to their own hard drives by disabling the right-clicking and text selection function on your site.
Protecting Your Images
If you are worried about people stealing your images, there are a few options you can look at implementing.
One option is to add a “watermark” to your images using a Free WordPress plugin like Watermark Reloaded. Adding a watermark lets people know who the original owner or creator of the image is, and trace the image back to the originating domain.
Another preventative measure you can take to stop people clicking on your images and saving them to their computer is to use the No Right Click Images plugin …
For additional information on ways to prevent content theft on your WordPress site, see this tutorial:
Content Protection – Additional Tips And Information
Tip #1 – If, for whatever reason, you find yourself changing the visibility settings of most of your Posts or Pages to “private”, then install and activate the Private Post By Default WordPress Plugin.
This plugin automatically sets all the Posts and Pages you create to “private” by default. All you have to do then, is change the visibility settings of any Posts or Pages that you want to make visible on your site back to “Public”.
Tip #2 – As explained earlier in this tutorial, by default private posts are only visible to users on your site that have been assigned the role of Administrators or Editors.
What if you want to allow users who are not Administrators or Editors to view private Posts or Pages on your site?
For example, let’s say that you run a business consultancy firm and you want your consultants to be able to distribute reports privately to clients through your site, or your children’s school wants to post class assignments privately to students online through their school blog.
One option would be to make everyone who needs to have access to private Posts or Pages on your site into an “Editor”. This is not a very good option, however, as they would then be able to modify your content.
Fortunately, there is an excellent free WordPress plugin called User Role Editor that lets you change the capabilities of any standard WordPress user role (to learn more about user roles, see this tutorial: WordPress User Management) …
With the User Role Editor plugin installed, you can assign the same capabilities for reading private posts and pages that “Editors” have, to users assigned the role of a “Subscriber” …
This would now let all registered users on your site assigned the role of “Subscriber” to access and view your private posts and pages without being able to modify the content.
There are a number of other options for protecting your content online in addition to what has been presented in this tutorial, but these options typically involve messing with code on your site or server.
"I love the way your email series "Infinite Web Content Creation Training Series" is documented and presented. It is very absorbing and captivating. The links and tutorials are interesting and educational. This has motivated me to rewrite my content following the concepts I am learning from the email series." - Mani Raju, www.fortuneinewaste.com