這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

WordPress .htpasswd Generator

描述

Want to protect resources in a folder only to registered users in your WordPress installation? This plugin sync any WP users with Apache basic authentication system file-based automagically: accessing protected resources will prompt for WordPress account credentials

Advanced options

If you want to protect resources with WordPress credential on another server, you can provide FTP credentials:
this plugin will take care to copy .htpasswd_generated to remote server. It’s up to you then to configure Apache .htaccess file propertly.

螢幕截圖

  • Htpasswd Generator settings page

安裝

  1. Upload plugin folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the Plugins menu in WordPress.
  3. Go to Htpasswd Generator settings page under WordPress Settings menu
  4. Fill Generic Settings section to provide resource paths to protect. Remember that resource folders must alredy exist
  5. Now Apache will ask for basic authentication while trying to access that resources

常見問題

How WordPress users are synchronized with *.htpasswd_generated* file?

This plugin hooks to some WordPress Actions involving user’s creation, update or deletion, such as:

  • user_register
  • profile_update
  • delete_user
  • password_reset
After plugin activation, only new users or updated users can access protected resources, why?

WP user’s passwords are hashed before storing on db, so they cannot be reverted to plain text for security reason. Apache basic authentication based on file expects a different type of password hashing, so this plugin cannot use WP hashed version but has to catch and hash user’s password before they are hashed from WP. Unfortunately, the only way to sync .htpasswd_generated with existing users is to update their password (even with same value) from admin panel or from reset password functionality so it can be caught and hashed when still plain text.

Is it opensource?

You can fork, edit and pull request sources from GitHub

評價

There are no reviews for this plugin.

貢獻者及開發者

“WordPress .htpasswd Generator” 是一個開源的軟體。以下的人對這個外掛作出了貢獻。

貢獻者

將 WordPress .htpasswd Generator 外掛本地化為台灣繁體中文版。

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄

修改日誌

1.1.2

  • No new feature. Just needed to meet WordPress update system

1.1.1

  • Fixed issue #1: switched encryption algorithm to APR1-MD5, compatible with Apache 2.2.18 and above, both on Linux and Windows

1.1.0

  • Automatic folder protection: now in new settings page you can specify folders path you want to protect: no more need to move and rename rename_me_to_.htaccess manually!
  • New FTP upload feature: if you need to protect a remote resource (on another server than WordPress installation), you can upload .htpasswd_generated automatically via FTP to another server. Remember to configure .htaccess file properly on remote server.