Protect Entire Blog

If you, for some reason, need to protect your ENTIRE blog from “non-logged in users” – meaning, any part of your blog (menus, sidebars, widgets, etc), including the un-protected pages, should be seen only by someone who is already logged in – be it a free user or a paid user, then here’s how you do it…

  1. Go into your WordPress Admin, click on Appearance > Editor
  2. Make sure your current theme is selected in the drop-down towards the right/top corner.
  3. Click on “Header” (header.php) of your theme.
  4. Enter the following text right towards the very top of that file.

include_once “./dap/dap-config.php”;

if( !Dap_Session::isLoggedIn() ) {
header(“Location: /dap/login.php”);

The only thing you need to make sure is that you have the path to the dap-config.php correct.

If your blog is in the root, then use the code above as is.

If your blog is in a sub-folder, then replace line in red above, with the line in red below…

include_once “../dap/dap-config.php”;

That’s it!


Please remember that if you do this, then you must use the default DAP login page /dap/login.php , and you won’t be able to put the login form within WordPress.

The reason for this, is that the protection code is being applied at the theme level, and the protection will also apply to all WordPress pages and posts – and if you put the DAP login form inside a WP page, then that page will also get protected from everyone, and no one will even be able to get to the login form in order to log in. That makes your site impossible to log in to, which of course makes no sense.

Click Here to Leave a Comment Below 2 comments
Peter - February 16, 2011

Can this “hack” be used on just a widget instead of the whole blog?

Veena Prashanth - February 16, 2011

Yes, it should work on a widget as well.


Leave a Reply: