WP Page and Post restriction

WP Page and Post restriction


While developing content for a business or platform with a large number of users might be challenging, especially when it comes to access provision/restriction inside that website (s). Page Restriction is useful for restricting individual blocks inside a post to offer users a sample of the content rather than restricting entire Pages or Posts. With the help of the WordPress (WP) Page and Post Restriction plugin, you can Protect/Restrict page and post content on your WordPress site. To restrict the page and post based on the user roles you can follow WordPress (WP) Page Restriction Setup Guide.

Protect content access for WordPress (WP) | Give access to specific WP pages and posts based on user’s roles and logged in/logged out status | Page restriction and Post Restriction

 Tested with 5.9.1

Restrict Specific Pages/Posts

miniorange img How to make the pages and posts private in WordPress so that only logged-in users can access them?

  • To make the Pages private to only logged-in users, go to the Page Access tab, and tick the checkboxes for the pages under the Make Page Private column to restrict the users who are not logged in.
  • Page Restriction WordPress (WP) | Restrict Specific Page/Posts | Restrict Page Post
  • Click on Save Configuration once the required pages that are to be restricted, are selected.
  • Page Restriction WordPress (WP) | Restrict Specific Page/Posts | Page Private
  • Similarly, to make the Posts private to only logged-in users, go to Post Access tab, select the pages under the Make Post Private column to restrict the users who are not logged in and click on Save Configuration.

Restrict Pages/Posts to specific roles

miniorange img  How to give access to pages or posts to only specific WordPress Roles?

  • To give access to Pages based on WordPress roles, navigate to the Page Access tab, and under Page Restrictions, enter the role(s) of a user who will be allowed to access the pages. You can also restrict pages for custom roles. (By default all pages and posts are accessible to all users irrespective of their roles).
  • Click on Save Configuration once the required roles have been entered.
  • Page Restriction WordPress (WP) | Restrict Page/Posts to specific post | Restrict Page Post Roles
  • Similarly, to give access to Posts based on WordPress roles, the roles can be entered in the Post Access tab under Post Restrictions.

Restrict all Pages/Posts

miniorange img How to make all the pages and posts private in WordPress so that only logged-in users can access them?

  • To make all the Pages private, go to the Page Access tab and under the Global settings for all pages section, enable the Make all Pages Private option
  • Page Restriction WordPress (WP) | Restrict all Page/Posts | Page Private
  • Similarly, to make all the Posts private, go to the Post Access tab and under the Global settings for all posts section, enable the Make all Posts Private option.
  • Page Restriction WordPress (WP) | Restrict all Page/Posts | Post Private
  • Enabling both these toggles (Make all Pages Private and Make all Posts Private) would restrict unauthorized access to all your pages and posts.

miniorange img How to protect all the WordPress pages and posts behind the WordPress login page?

  • To protect all the Pages, go to the Page Access tab and under the Global settings for all pages section, enable the Make all Pages Private option
  • Page Restriction WordPress (WP) | Restrict all Page/Posts | Page Private
  • Now, scroll down to the Restricted Content Behaviour section and select the radio button for the Redirect to Login Page option.
  • Page Restriction WordPress (WP) | Restrict all Page/Posts | Protect page behind WordPress login page
  • Similarly, to protect all the Posts behind the WordPress login Page, go to the Post Access tab and under the Global settings for all posts section, enable the Make all Post Private option.
  • Page Restriction WordPress (WP) | Restrict all Page/Posts | Protect posts behind WordPress login page
  • Then scroll down to the Restricted Content Behaviour section and select the radio button for the Redirect to Login Page option.
  • Page Restriction WordPress (WP) | Restrict all Page/Posts | Protect page behind WordPress login page
  • This would protect all your pages and posts behind the WordPress login page such that the users would be automatically redirected to the login page on accessing any page or post on your site.

Restrict Custom Post Types

miniorange img How to restrict posts of a custom post type?

  • To apply restrictions on custom posts, go to the Post Access tab. Select your Custom Post Type from that Select type of post dropdown.
  • Now, select the posts under the Make Post Private column to restrict your posts of custom type. (By default all custom post types are accessible to all users).
  • Page Restriction WordPress (WP) | Restrict Custom Post Types | Custom post

Restricted Content Behaviour

miniorange img What happens when a non logged-in user tries to access a page or post that is restricted?

  • Let’s say, you have made configurations in the Page and Post Restriction plugin to restrict “Page A” so that only logged in users can access that page. Now, if a user who is not logged into the WordPress site tries to access Page A, by default the user would be shown a WordPress error page with the message “Oops! You are not authorized to access this”.
  • Page Restriction WordPress (WP) | Restrict Content Behaviour | Unauthorized Access
  • You can change this Restricted Content Behaviour for pages under the Restrict Options before Login in the Page Access tab. Similarly, for changing this behaviour for posts, you can navigate to the Restrict Options before Login section in the Post Access tab.
For a user who is not logged in, the behaviour for the restricted content can be one of the following:
  • Message on display - Using this option, the default error message can be changed as per requirement. To modify the error message, you can refer the steps mentioned here.
  • Redirect to Page Link - The user can be redirected to any specified URL.
  • Redirect to Login Page - The user is automatically redirected to the default WordPress login page, making the authentication and access process easy for the user.
  • Single Sign-On - This option can be used to automatically redirect the user to your Identity Provider for SSO as configured in the WordPress SAML SSO Plugin or WordPress OAuth SSO Plugin.
  • Page Restriction WordPress (WP) | Restrict Content Behaviour | custom message

miniorange img What happens when a user tries to access a page or post that is restricted for their user role?

  • Let’s say, in the Page and Post Restriction plugin, you have entered the value “Administrator; Author” in the input box Enter Roles who can view this Page for the “Page A” so that only the user with roles as Administrator and Author in WordPress can access that page. Now, if a user who has a role as Subscriber in the WordPress site, tries to access Page A after login, by default the user would be shown a WordPress error page with the message “Oops! You are not authorized to access this”.
  • You can change this Restricted Content Behaviour for pages under the Restrict Options after Login section in the Page Access tab. Similarly, for changing this behaviour for posts, you can navigate to the Restrict Options after Login section in the Post Access tab.
For a user who does not have the role to access a page or post as configured in the plugin, the behaviour for the restricted content can be the following:
  • Message on display - Using this option, the default error message can be changed as per requirement. To modify the error message, you can refer the steps mentioned here.
  • Redirect to Page Link - User can be redirected to any specified URL, for example, a custom error page.
  • Page Restriction WordPress (WP) | Restrict Content Behaviour | Restricted User Role

Redirect user to custom error message/page

miniorange img How to redirect the restricted users to a custom error page ?

Redirect a non logged in user to a custom error page
  • If you want to redirect a user who is not logged in to a custom error page, then you can use the Restrict Options before Login under the Restricted Content Behaviour section in the Page Access/Post Access Tab.
  • In the Restrict Options before Login, select the Redirect to Page Link option and enter the custom error page URL where you want to redirect the non logged in users.
  • Click on Save and Test URL to confirm the page where user would be redirected.
  • Page Restriction WordPress (WP) | Redirect user to custom error message/page | Redirect non logged in user to custom page
  • Once this is configured, if a non logged in user tries to access a restricted page or restricted post, the user would be redirected to a custom error page as configured.
Redirect a user who does not have the required role to a custom error page
  • If you want to redirect the user (who does not have the required role after login to access the pages) to a custom error page, then you can use the Restrict Options after Login under the Restricted Content Behaviour section in the Page Access/Post Access Tab.
  • Page Restriction WordPress (WP) | Redirect user to custom error message/page | Redirect user with invalid role to custom page
  • In the Restrict Options before Login, select the Redirect to Page Link option and enter the custom error page URL where you want to redirect the non logged in users.
  • Click on Save and Test URL to confirm the page where user would be redirected.
  • Once this is configured, the users who do not have the role would be redirected to a custom error page as configured.

miniorange img How to add a custom message for the restricted users?

Custom error message to a non logged in user
  • If you want to show a custom error message to a user who is not logged in, then you can use the Restrict Options before Login under the Restricted Content Behaviour section in the Page Access/Post Access Tab.
  • In the Restrict Options before Login, select the Message on Display option and enter the message you want to display for the restricted users.
  • Click on Save and Preview to see how the message would be displayed.
  • Page Restriction WordPress (WP) | Redirect user to custom error message/page | Custom error message to a non logged in user
  • Once this is configured, if a non logged in user tries to access a restricted page/post, the user would be shown a custom error message screen as shown in the screenshot below.
  • Page Restriction WordPress (WP) | Redirect user to custom error message/page | Custom message
Custom error message to a user who does not have the required role
  • If you want to show a custom error message to a user who does not have the required role after login to access the pages, then you can use the Restrict Options after Login under the Restricted Content Behaviour section in the Page Access/Post Access Tab.
  • Page Restriction WordPress (WP) | Redirect user to custom error message/page | Custom error message to a invalid user role
  • In the Restrict Options after Login, select the Message on Display option and enter the custom error page URL where you want to redirect the non logged in users.
  • Click on Save and Preview to see how the message would be displayed.
  • Once this is configured, the users who do not have the role would be shown a custom error message screen as shown in the screenshot below
  • Page Restriction WordPress (WP) | Redirect user to custom error message/page | Custom error message

Redirect to Single Sign-On (SSO)

miniorange img How does Page Restriction Plugin work with the WordPress SAML SSO Plugin?

  • The WordPress SAML SSO Plugin enables Single Sign-On on the WordPress site with the Identity Provider (for example - Okta, Azure AD, Azure B2C, Salesforce, ADFS, Keycloak etc.) configured in the plugin. Page Restriction Plugin along with the WordPress SAML SSO Plugin allows protecting specific pages/posts on the site behind Single Sign-On.
  • Let’s say, you have restricted “Page A” behind SSO. This would mean when the user tries to access Page A, the user would be automatically redirected to the Identity Provider (as configured in the WP SAML SSO Plugin) login page for authentication. After successful authentication by the Identity Provider (IDP), the user would be logged into the WordPress site and given access to Page A.
  • To configure the SSO options for pages/posts, navigate to the Page Access / Post Access Tab and tick the checkboxes for the pages under the Make Page Private column to restrict the users who are not logged in.
  • Page Restriction WordPress (WP) | Redirect to Single Ign-On | Page private
  • Now navigate to the select the Restricted Content Behaviour section and under the Restrict Options before Login, select the Single Sign-On option to redirect the restricted users to the IDP login page.
  • Page Restriction WordPress (WP) | Redirect to Single Sign-On| Single Sign-On

Miscellaneous

miniorange img How to assign parent page restrictions to child pages?

  • To assign restrictions given to parent pages to child pages, go to the Page Access tab.
  • Under the Auto-assign Parent Configuration to Child Pages column, select the option to assign restrictions as of parent pages to the child pages. By ticking the checkbox, the child pages under the selected parent page will be automatically assigned the parent configuration
  • Click on Save Configuration once the required pages are selected.
  • Page Restriction WordPress (WP) | Miscellaneous | Parent Page Restrictions

    NOTE: To assign the configurations of the parent page to every child page by default, the toggle for Auto-assign Parent Configurations to all Child Pages in Global settings for all pages section can be enabled.

    Page Restriction WordPress (WP) | Miscellaneous | Auto-Assign Parent

Conclusion

The WordPress (WP) Page and Post Restriction plugin limits the access to the pages/posts/blocks of your WordPress site based on the User Roles. This plugin ensures a seamless process to achieve role based page and post restriction in your WordPress site, enabling you to administer or manage your users in terms of access of your WordPress site.


If you are looking for anything which you cannot find, please drop us an email on samlsupport@xecurify.com

Additional Resources

Why Our Customers choose Page restriction for WordPress (WP) plugin?


24/7 Support

miniOrange provides 24/7 support for all the Secure Identity Solutions. We ensure high quality support to meet your satisfaction.

Sign Up

Customer Reviews

See for yourself what our customers say about us.
 

Reviews

Extensive Setup Guides

Easy and precise step-by-step instructions and videos to help you configure within minutes.

Setup Guide


We offer Secure Identity Solutions for Single Sign-On, Two Factor Authentication, Adaptive MFA, Provisioning, and much more. Please contact us at

 +1 978 658 9387 (US) | +91 77966 99612 (India)   samlsupport@xecurify.com

Hello there!

Need Help? We are right here!

support
Contact miniOrange Support
success

Thanks for your inquiry.

If you dont hear from us within 24 hours, please feel free to send a follow up email to info@xecurify.com