説明
Password Protected for WordPress allows you to secure your website with a single password. The ultimate password protection plugin protects your WordPress categories, posts, products, and more with the simplest of ease.
Password Protected does not protect images or uploaded files, so if you enter an exact URL of an image file, it will still be accessible.
Password Protected Features
- Easy to set up – Password protect your WordPress site with a single password.
- Set a description – Display text (description or instructions) above or below the password field.
- reCaptcha v2/v3 – You can enable Google reCAPTCHA v2 or V3 to increase bot security measures.
- Allow administrators – Option to allow administrators access without entering the password.
- Allow logged-in users – Option to give logged-in users access to the website.
- Allow RSS Feeds – Option to allow access to feeds.
- Allow Rest API Access – Allow admin to access pages and posts.
- Customization – Customize the password-protected screen, including the background, font, logo, and colors (using Login Designer)
注意: このプラグインは、サイトへのアクセス許可にクッキーを設定します。キャッシュプラグインや WP Engine などのホスティングサービスを使用する場合、Password Protected Cookie の設定時にキャッシュが無効になるよう設定する必要があります。
Password Protected Pro
Password Protected Pro is equipped with powerful features that will take your WordPress website security to the next level.
- Exclude page posts & post types – Option to exclude specific pages and post types from password protection.
- Limit login attempts – Limit the user’s attempts to enter a password for a specified interval.
- Lockdown time – Set a time (in minutes) during which users can not enter the password after their login attempts are limited.
- Usage limits – Set a usage limit after which a password can not be used.
- Status control – You can change the status of the password (Active, Deactivated, Expired).
- Manage multiple passwords – Edit, activate, deactivate, or delete passwords (individual or bulk action).
- Set Expiry Dates – Options to select the expiry date for specific passwords
- Activity Log Reports – View the Activity Logs of each user, including their IP address, browser, status, date, and time of password attempts.
- Priority Support – Our team of support professionals will make sure to handle your queries on high priority.
Detect hackers and bots from abusing password protection with reCAPTCHA
Google reCAPTCHA v2 or v3 empowers your WordPress website to prevent password abuse against automated software, bots, hackers, etc. This anti-spam tool will allow any real user to access your website easily.
Password protect any post type
You can include or exclude any post type from password protection. All of this can be done from the back end using a single password.
Password protect your WordPress site with a single password
Password Protected has the ability to secure your entire website with a single password. Everything from pages to posts will also be protected.
Display password protected content in RSS feeds
You can allow RSS feeds to show a login page after which user accessing the feed can view the password protected content. Disabling the option will restrict any user’s access to the website even if the RSS feed is public.
Password usage limits and complexities
Limits users from entering the password using Password Protected’s Usage Limit counter. Password greater than that limit can not be applicable on the login page.
Usage limits can also be restricted by setting a password expiry from the calendar settings. This prevents users from re-using any given password. Regular password changes mitigate the risk of any security breach.
Limiting password attempts prevents security issues like the Brute Force attack, where hackers keep trying to guess your password until they get it right. A complimentary solution to this feature is the Lockdown Timer, which resets the user’s right to log in after exceeding their login attempt limit.
Monitor and review activity logs for Password Protected
Password Protected’s Activity Log is similar to an audit log that gives you a record of the events that have taken place on your website. To provide you with a better understanding, here is a list of the details you will find in the activity log:
- Filter options for passwords used in a specific range (All-time, Today, Yesterday, This Week, This Month)
- IP addresses of the system from where the passwords were attempted.
- Country names from where the passwords were attempted.
- Browser names where the password was attempted.
- Status of the password attempts (successful or failed)
The admin can also perform the search operation on the activity log. You can search by IP, Country, Browser, and Status. For e.g., searching Success will search all the passwords with successful attempts, and searching Failure will search all the orders with failed attempts.
Documentation and support
- Password Protected Technical Documentation
- You can open a support ticket here
翻訳
If you would like to translate this plugin, you can easily contribute to the Translating WordPress page. The stable plugin needs to be 95% translated for a language file to be available to download/update via WordPress.
スクリーンショット
WordPress ログインとまったく同じ見た目のログインページ。 
Login page with reCaptcha v3 
Login page with reCaptcha v2 
Password Protected general settings page. 
Password Protected advanced settings page.
インストール
このプラグインをインストールして設定するには…
- あなたのワードプレス管理者からプラグインをアップロードまたはインストールしてください。
- プラグインの管理メニューからプラグインを有効にします。
- パスワード保護設定でパスワードオプションを設定します。
アップグレード
WordPressの自動アップグレード機能ではなく、FTPを使用して手動でアップグレードする場合は、プラグインを停止してから再度有効化し、プラグインのアップグレードが正しく行われるようにしてください。
FAQ
-
WordPress のロゴを別の画像に変更するには ?
-
Install and configure the Login Logo plugin by Mark Jaquith or the Uber Login Logo plugin. This will change the logo on your password entry page AND also your admin login page.
-
サイトがパスワードで保護されている間にフィードを有効にするにはどうすればよいですか ?
-
設定で「フィードを許可する」チェックボックスをオンにします。
-
管理者がパスワードを入力するのを防ぐことはできますか ?
-
設定で「管理者を許可する」チェックボックスをオンにします。
-
テーマカスタマイザで変更内容をプレビューできません
-
You must be an administrator (have the manage_options capability) and in the Password Protected settings, check the ‘Allow Administrators’ checkbox.
-
どうすればログアウトできますか ?
-
あなたのURLに「password-protected=logout」を追加するだけです。
例) http://www.example.com/?password-protected=logout -
I have forgotten the password. How can I disable the plugin?
-
If you go to your WordPress admin login page
/wp-login.phpand it shows the admin login fields, you should still be able to login and disable the plugin.If the admin login screen insteads shows the Password Protected field, you will need to access your site via SFTP/SSH and delete the Password Protected plugin folder in the plugins folder
wp-content/plugins/password-protected. -
ログアウト時に、別のドメインにリダイレクトするにはどうすればよいですか ?
-
If passing a redirect URL using ‘redirect_to’ when logging out you need you may need to use the allowed domain names filter to allow redirecting to an external domain.
-
バグや問題はどこで報告できますか?
-
プラグインの GitHubページに問題とバグを報告してください。
必要に応じて、提案された拡張機能を提出することもできます。 -
私はどのように貢献できますか?
-
If you can, please fork the code and submit a pull request via GitHub. If you’re not comfortable using Git, then please just submit it to the issues link above.
-
このプラグインをどのように翻訳できますか?
-
If you would like to translate this plugin you can easily contribute at the Translating WordPress page. The stable plugin needs to be 90% translated for a language file to be available to download/update via WordPress.
評価
貢献者と開発者
変更履歴
2.6.3.1
- Fix – Parse error related to PHP version 7.2
2.6.3
- New – Added Freemius SDK integration.
- New – Added functionality to login with transient if the cookies are blocked.
- Fix – Fixed Redirect Issue from excluded page to password protected page.
2.6.2
- Fix – Parse error related to PHP version 7.2
2.6.1
- Fix – Parse error related to PHP version 7.2
- Update – Link to official Google Re-captcha documentation
2.6.0
- Improved admin settings interface and introduced NEW tabs structure.
- NEW: Added Google Recaptcha v2 and v3 to make it more secure.
- NEW: Added Password Protected top-level admin menu for ease.
- NEW: Added option to add text above password Field.
- NEW: Added option to add text below password Field.
2.5.3
- Improved Settings HTML structure
- Added Note regarding compatibility with login designer within dashboard
2.5.2
- Made compatibility with Login Designer; Now you can customize the password-protected screen with the customizer using login designer plugin.
2.5.1
- Fix – Author name conflict resolved
2.5
- Deprecate
wp_no_robotsand replace withwp_robots_no_robotsfor WordPress 5.7+
2.4
- Add a Nocache header to the login page redirect to prevent the browser from caching the redirect page. Props De’Yonte W.
- Remove ‘password-protected’ query from redirects on successful login or logout.
- Check “redirect_to” query var is set in hidden form field. Props Matthias Kittsteiner.
- Add favicon to password protected login page.
2.3
- Adds
password_protected_cookie_namefilter for the cookie name. Props Jose Castaneda. - Let developers override the capability needed to see the options page via a
password_protected_options_page_capabilityfilter. Props Nicola Peluchetti. - Don’t use a “testcookie” POST query as it is blocked by Namecheap (and possibly other hosts).
- Fix warnings in W3 validator – script and style “type” attribute not required. Props @dianamurcia.
- Translations now via translate.wordpress.org.
- Updated URL references. Props Garrett Hyder.
2.2.5
- Added
password_protected_login_password_titlefilter to allow customizing the “Password” label on the login form. Props Jeremy Herve. - Fix stray “and” in readme. Props Viktor Szépe.
- Update Portuguese translation. Props Jonathan Hult.
- Update Russian translation. Props Alexey Chumakov.
2.2.4
- Check that
$_SERVER['REMOTE_ADDR']is set.
2.2.3
- Restrict REST-API-access only if password protection is active.
- Added viewport meta tag to login page.
- Added
password_protected_show_loginfilter. - Cookie name is not editable in the admin so display just for reference.
- Use default WordPress text domain for “Remember Me” and “Log In” buttons.
2.2.2
- Change locked admin bar icon to green.
- Fix REST option and always allow access to REST API for logged in users.
2.2.1
- Fixed PHP error when calculating cookie expiration date.
2.2
- Added admin bar icon to indicate wether password protection is enabled/disabled.
- Option to show “Remember me” checkbox. Props Christian Güdel.
- REST API access disabled if password not entered.
- Admin option to allow REST API access.
- More robust checking of password hashes.
2.1
- Update caching notes for WP Engine and W3 Total Cache plugin.
- Tested up to WordPress 4.8
2.0.3
- メソッドをpublicまたはprivateとして宣言し、PHP5コンストラクタを使用します。
- [Allow IP Addresses]の横にあるユーザーのIPアドレスを管理者設定で表示します。
- CHANGELOG.mdとREADME.mdを追加。
2.0.2
- 許可されたIPアドレスが保存時に有効であることを確認します。
- Only redirect to allowed domain names when logging out.
2.0.1
- ログアウト機能を別の機能に分割。
- Security fix: Use a more complex password hash for cookie key. Props Marcin Bury, Securitum.
2.0
- Added password_protected_logout_link shortcode.
- テーマフォルダに ‘password-protected-login.css’ がある場合は読み込みます。
- Added password_protected_stylesheet_file filter to specify alternate stylesheet location.
- Added is_user_logged_in(), login_url(), logout_url() and logout_link() methods.
- バスク語、チェコ語、ギリシャ語、リトアニア語、ノルウェー語の翻訳が追加されました。
- 保護がホームページでアクティブでない場合、ログイン / ログアウトの処理が改善されました。
1.9
- Fixed “Allow Users” functionality with is_user_logged_in(). Props PatRaven.
- Added option for allowed IP addresses which can bypass the password protection.
- Added ‘password_protected_is_active’ filter.
1.8
- Support for adding “password-protected-login.php” in theme directory.
- Allow filtering of the ‘redirect to’ URL via the ‘password_protected_login_redirect_url’ filter.
- Added ‘password_protected_login_messages’ action to output errors and messages in template.
- 翻訳を更新しました。
- Use current_time( ‘timestamp’ ) instead of time() to take into account site timezone.
- template_redirectアクションの前の方でログインを確認してください
1.7.2
- Fix always allow access to robots.txt.
- Added ‘password_protected_login_redirect’ filter.
- 翻訳を更新しました。
1.7.1
- Fix login template compatibility for WordPress 3.9
1.7
- Remove JavaScript that disables admin RSS checkbox.
- カスタムログインテンプレートを許可するための ‘password_protected_theme_file’ フィルターが追加されました。
- Add option to allow logged in users.
1.6.2
- プライバシー設定がオンの場合は、ログインページをインデックスに設定しないでください。
- Allow redirection to a different URL when logging out using ‘redirect_to’ query and full URL.
1.6.1
- Language updates by wp-translations.org (Arabic, Dutch, French, Persian, Russian).
1.6
- Robots.txt is now always accessible.
- Added support for Uber Login Logo plugin.
1.5
- Added note about WP Engine compatibility to readme.txt
- Requires WordPress 3.1+
- 設定には独自のページがあります。
- Fixed an open redirect vulnerability. Props Chris Campbell.
1.4
- 管理者がログインせずにサイトを使用できるようにするオプションを追加する。
- Use DONOTCACHEPAGE to try to prevent some caching issues.
- Added a contextual help tab for WordPress 3.3+.
- WordPress 3.5との互換性のために更新されたログイン画面のスタイル。
- Options are now on the ‘Reading’ settings page in WordPress 3.5
1.3
- Added checkbox to allow access to feeds when protection is enabled.
- Prepare for WordPress 3.5 Settings API changes.
- Added ‘password_protected_before_login_form’ and ‘password_protected_after_login_form’ actions.
- Added ‘password_protected_process_login’ filter to make it possible to extend login functionality.
- Now possible to use ‘pre_update_option_password_protected_password’ filter to use password before it is encrypted and saved.
- Ready for translations.
1.2.2
- ログインエラーメッセージを表示します。
- Escape ‘redirect_to’ attribute. Props A. Alagha.
1.2.1
- よくある質問。「ログアウトする方法」を追加しました。
- 保護が有効な場合にのみフィードを無効にします。
1.2
- セッションの代わりにクッキーを使用する。
1.1
- データベースのパスワードを暗号化します。
1.0
- First Release. If you spot any bugs or issues please log them here.