<< See Contexture’s Other WordPress Freebies!

What does it do?

You control who has access to your contentConfigure permissions your wayUse groups for simple user organizationSee permissions at a glance

By adding much-needed user-management functionality to WordPress, Page Security by Contexture International (PSC) lets YOU decide which users can access which content. Add users to groups, set granular permissions for content, and finally take control of your website!

Create an intranet or a members-only area with just a few clicks, or build a subscription based system with automatically expiring memberships. You can even create multiple levels
of security for powerful, granular protection of any section, or sub-section on your site.

Use groups allow you to organize your users how YOU see fit, then use your groups to choose who can access posts, pages, custom content, or entire sections of your website.

PSC is created to be simple, yet powerful – and is designed to integrate seamlessly and intuitively with WordPress. If you know how to use WordPress, you know how to use PSC.

Quick Start

This will walk you through protecting your very first page. Let’s assume you want to limit access to a particular page to only registered users. Here’s how we’d do that:

  1. Go the page’s Edit screen – the one where you would normally make changes to the page.
  2. In the Restrict Access sidebar, click the option “Protect this page and it’s descendants“. More options will appear.
  3. Use the Available Groups drop-down to select the “Registered Users” group – then click the Add button.
  4. You’re done! Now, only registered users will be able to see this page. Everyone else will either be shown a default “Access Denied” message.

Tip: You can customize your Access Denied messages from you admin, under Settings > Page Security.

Tips & Tricks:

  • Any page or post can be easily made admin only!
    To do this: When editing a page, check the “Protect this page it’s descendants” checkbox but don’t add any groups. By default, all protected pages can be seen by Admins or Editors – but if you don’t add any groups, they will be invisible to non-admin users.
  • The “Restrict Access” sidebar is AJAX-loaded, so any changes you make to security are saved immediately! There’s no need to click the “Update” button to save changes to a page’s security.
  • You can now protect your entire site. When this option is enabled, the entire site is treated as if it were a “protected section”. Users must be a member of at least one group with site access, or they will be given an access denied message.

While we believe this plugin is secure, we make no warranty about it’s effectiveness during real-world use. Only time and testing will tell for sure. USE AT YOUR OWN RISK!

License

This plugin is distributed under the GNU General Public License (GPLv2).

Download

Download Page Security from WordPress.org >>
<< See Contexture’s Other WordPress Freebies!

525 Responses to Page Security for WordPress


  1. Steve

    Great plugin, thanks.

    Apologies if this is an obvious question but how do I do the following in a template?

    if current user is in group=x … echo something

    Thanks.

  2. Geoff

    Can we protect content with in a page, not just the whole page, based on the group you are in?

    I basically want to setup a page so that if you are in group 1, you get this message, and if you are in group 2, you get this message.

  3. Curt44319

    Getting to be a big problem…
    ( writing the log causing disk thrashing and server uninterruptible sleeps )
    PHP Warning: Creating default object from empty value in /wp-content/plugins/contexture-page-security/core/CTXPS_Security.php on line 310

    Module version 1.5.9

    • Contexture

      Egads, I thought I had fixed all those bugs in 1.5.9!

      I’ll issue an update ASAP.

    • Contexture

      Curt, I just released 1.5.10, which should fix any remaining PHP errors or warnings. Thanks for hanging in there, and I really do appreciate the report.

  4. Amy

    How do you build a subscription based system with automatically expiring memberships? Can I do this without coding? Thanks, Amy

    • Contexture

      Unfortunately no.

      The functions included with PSC are pretty simply for anyone familiar with PHP, but because you would be tying together any number of unique systems, it would require a little bit of coding no matter what. :-/

  5. Len Johnson

    Upgrading to WP 3.6 appears to break Page Security. Activating the plugin after the upgrade give the dreaded White Screen of Death.

  6. Michael Hedegaard

    When not logged in I get the error below on top of my homepage.

    Warning: Creating default object from empty value in /home/n117237/public_html/wp-content/plugins/contexture-page-security/core/CTXPS_Security.php on line 175

    Is there a way to get rid of this? My WP is fully updated to the newest version.

  7. Simon Pierce

    Hi, The plugin is great, exactly what I was looking for. I have one small issue. When a customer has previously logged in and viewed restricted content, then logs out. He can go to that same page and see the content, without logging in again. Is there a reason for this. There will be a few people using the same computer and the people without permission will be able to view the recently accessed page.
    Is there some kind of cookie created?

    • Contexture

      It’s likely a result of browser caching. PSC tries to send headers that prevent browsers from caching protected content, but ultimately it’s up to the browser whether it obeys the suggestion or not… and there are plugins (W3 Total Cache) and server settings (Pagespeed, etc) that can override those headers as well. Generally speaking, most browsers are designed to cache as aggressively as possible since this improves speed and limits the amount of data that needs to be transferred. If the browser is holding onto a cached version of the page, then what you are seeing is what the browser has saved, as it is not loading from the server.

  8. Lindsey

    Hey guys, your plugin is working great for us so far! I only have one question. Is it possible to restrict items found via the “Search” bar? I’m not seeing any way to do that and searching is returning unauthorized items for unauthenticated users. Thanks in advance!

    • Contexture

      Are you using a custom search plugin, perchance? PSC should already filter search results provided they are being served up through the built-in WordPress systems.

  9. Mark

    Hi Matt

    Sorry to Bother you with all this.

    I’ve got it all sorted out now. I was working with an old template that was trying to do something tricky to make up for a earlier version WordPress that did not handle the home page being in the main menu.

    Mark

  10. Mark

    Those last few posts I did destroyed some of the code I posted, sorry if it’s a little confusing.

  11. Mark

    More info

    Just to be clear. My home menu item is being created from a functions.php file with this in it.


    // Default Main Nav Function
    function default_main_nav() {
    echo '';
    wp_list_pages('title_li=');
    echo '';
    }

    // Add home link to menus
    function new_nav_menu_items($items, $args) {
    if( $args->theme_location == 'main-nav' ){ //Only if the the main-nav area (not sidebar menu widgets)
    $homelink = '' . __('Home') . '';
    $items = $homelink . $items;
    } else {
    return $items;
    }
    return $items;
    }
    add_filter( 'wp_nav_menu_items', 'new_nav_menu_items', 10, 2 );
    add_filter( 'wp_list_pages', 'new_nav_menu_items' );

  12. Mark

    Hi Matt

    I found some code that was causing the home menu to not display while not logged in.

    This is from WordPress 3.5.2

    in the file /wp-includes/nav-menu-template.php

    on line 181 it now has this…


    if ( !$menu || is_wp_error( $menu ) || empty( $menu_items ) )

    I think the $menu_items is empty and hence my home menu does not display.

    Previously that line of code was just this…


    if ( !$menu || is_wp_error( $menu ) )

    I dont really want to make changes to core wprdpress files so I was wondering if their is something that can be changed in the plugin to help my situation.

  13. Mark

    Hi Matt

    I’m using a custom menu in the main nav bar area.

    Here is the code in my header.php that loads the menu if this helps.


    'main-nav' , 'fallback_cb' => 'default_main_nav' , 'container' => '' , 'menu_id' => 'main-nav' , 'menu_class' => 'main-nav'));
    } else {
    default_main_nav();
    } ?>

  14. Mark

    Hi Matt

    One thing I forgot to mention is that the problem goes away when I deactivate the plugin, hence why I’m writing to you.

    Cheers

  15. Mark

    Hi Matt

    I’ve just recently updated my WordPress install to 3.5.2 and have run into an issue with this plugin.

    When visting my site and not logged in my home page is set as a page that all people can see (no security set). Problem is the main menu on my page is now empty. It used to be populated with the HOME menu item as it is not protected by this plugin.

    When I login to the site all my menu’s appear again.

    I do have set “Enable Menu Filtering:” in my settings. This was working just fine before the upgrade to wordpress. It’s like this plugin wants to hide the default home page.

    Sorry I dont have a link for you to check as it’s an internal project.

  16. Tony Styles

    Firstly, profuse apologies for the ‘Pro’ reference. I was, obviously, having a ‘senior moment’. Secondly, apologies for the delay in responding. I have been out of the country for over a month and am only just catching up.

    I am very new to WP. Could you please expand a little on ‘WordPress’s established rules and conventions’. My particular area of interest is events. I am using All in One Calendar by Timely (Pro version) and would have thought that it met the criteria you mentioned. Sorry to be such a ‘noob’.

    Kind regards

    Tony

    • Contexture

      Unfortunately, a lot of the “Pro” plugins out there are essentially completely separate web apps that just happen to integrate a bit with WordPress’s admin (albeit poorly). In my experience, Event manager plugins are the worst of the worst offenders (as of right now, there are none that I can recommend). PSC can’t protect that kind of content because it’s technically not WordPress content… it’s like a completely separate program. It doesn’t use WordPress APIs, so as far as PSC is aware, it doesn’t exist.

      But unless a plugin actually uses WordPress APIs, there’s no way to support those things because they’re not WordPress based. They just happen to work with WordPress.

      Hopefully that explains it. :-)

  17. Tony Styles

    I must confess I am slightly disappointed with your product (purchased the pro version). Whilst it protects posts and prevents unauthorised entry the post still appears in Recent Posts. It also does a similar things with calendar entries and Upcoming Events. Menus are great. Cannot the same logic be applied to posts and calendar items?

    • Contexture

      Tony,

      There is no pro version. Page Security is a completely free, open source project that we built and maintain on our free time. In order to function with custom post/content types created by other plugins (like calendars or events) those plugins must follow WordPress’s established rules and conventions. If they don’t, they are essentially a separate piece of software from WordPress and Page Security will have no way to affect it.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>