What is the best way to prevent visitors from accessing a website in development stage? Something in the lines of a 'whitelist'.
In my particular case I am using WordPress as the platform for creating this website. I searched for plugins but didn't find anything specific for it. I have a local server to develop the website however, there are a few functionalities that I need it to be on the live server.
On
"Best way" is going to be dictated by the logic of what you're doing. Is the secret the functionality, the content, or related to your brand or service? Probably, it's related to the brand (most obvious reason). You don't want a public mess associated with the brand, but the fact a mess exists somewhere on the internet isn't of particular concern.
Here is what I do: Register another domain and work live there. You could even use a random string of letters like "serverasdfxyz123.com". If you don't put up searchable content, I don't see how anyone who wasn't super dedicated could find it. This also forces you to have the discipline to make your code portable to another domain. Do it twice. Go from staging server 1, to staging server 2, then to your deploy.
On
Since you are using WordPress, the plugin Restricted Site Access should be adequate.
On
White List for Additional WordPress Site Pages for plugin Restricted Site Access
It seems like I can allow users to get to the registration page as my default redirect, and they could register or login.
The trouble is when the registration sends them an email with a validation link, the WordPress Activation email provides a link to the "Activate" page.
e.g. http://www.rosemansolutions.com/wordpress/activate/4WWEDW2oxhRvW69INJi2DSgQFockI49R/
Any way I can add additional WordPress pages to the "White" list, as we can do for IP Addresses? I'm willing to pay for it :-)
Using basic authentication with htpasswd (assuming you are in an Apache server).
Do it in 2 minutes: