What is the best way to prevent visitors from accessing website in development?

305 views Asked by At

What is the best way to prevent visitors from accessing a website in development stage? Something in the lines of a 'whitelist'.

In my particular case I am using WordPress as the platform for creating this website. I searched for plugins but didn't find anything specific for it. I have a local server to develop the website however, there are a few functionalities that I need it to be on the live server.

4

There are 4 answers

1
Nabil Kadimi On

Using basic authentication with htpasswd (assuming you are in an Apache server).

Do it in 2 minutes:

0
Jim Maguire On

"Best way" is going to be dictated by the logic of what you're doing. Is the secret the functionality, the content, or related to your brand or service? Probably, it's related to the brand (most obvious reason). You don't want a public mess associated with the brand, but the fact a mess exists somewhere on the internet isn't of particular concern.

Here is what I do: Register another domain and work live there. You could even use a random string of letters like "serverasdfxyz123.com". If you don't put up searchable content, I don't see how anyone who wasn't super dedicated could find it. This also forces you to have the discipline to make your code portable to another domain. Do it twice. Go from staging server 1, to staging server 2, then to your deploy.

2
Howli On

Since you are using WordPress, the plugin Restricted Site Access should be adequate.

  • Once installed go to Settings -> Reading
  • Near the bottom of the page there is an option called "Site Visibility" change the option to: " Restrict site access to visitors who are logged in or allowed by IP address"
  • There are now two new options called "Handle restricted visitors" and "Unrestricted IP addresses"
  • The first option will allow you to :
    • Send them to the WordPress login screen
    • Redirect them to a specified web address
    • Show them a simple message
    • Show them a specific WordPress page I've created (this is a good option for a splash page!)
  • The second option will allow you choose which IP address(es) to whitelist to view the website without needing to login or be redirect to the page/website you specified in the first option.
0
Ian Matt On

White List for Additional WordPress Site Pages for plugin Restricted Site Access

It seems like I can allow users to get to the registration page as my default redirect, and they could register or login.

The trouble is when the registration sends them an email with a validation link, the WordPress Activation email provides a link to the "Activate" page.

e.g. http://www.rosemansolutions.com/wordpress/activate/4WWEDW2oxhRvW69INJi2DSgQFockI49R/

Any way I can add additional WordPress pages to the "White" list, as we can do for IP Addresses? I'm willing to pay for it :-)