WordPress.org

Taiwan 正體中文

  • 佈景主題目錄
  • 外掛目錄
  • 最新消息
  • 技術支援
  • 關於我們
  • 團隊
  • 取得 WordPress
取得 WordPress
WordPress.org

Plugin Directory

Authenticator

  • 提交外掛
  • 我的最愛
  • 登入
  • 提交外掛
  • 我的最愛
  • 登入

這個外掛並未在最新的 3 個 WordPress 主要版本上進行測試。開發者可能不再對這個外掛進行維護或提供技術支援,並可能會與更新版本的 WordPress 產生使用上的相容性問題。

Authenticator

由 Frank Bueltge 開發
下載
  • 詳細資料
  • 使用者評論
  • 安裝方式
  • 開發資訊
技術支援

外掛說明

This plugin allows you to make your WordPress site accessible to logged in users only. In other words, to view your site they have to create or have an account on your site and be logged in. No configuration necessary, simply activating – that’s all.

Crafted by Inpsyde

The team at Inpsyde is engineering the web and WordPress since 2006.

Donation?

You want to donate – we prefer a positive review, not more.

Bugs, technical hints or contribute

Please give me feedback, contribute and file technical bugs on GitHub Repo.

License

Good news, this plugin is free for everyone! Since it’s released under the GPL, you can use it free of charge on your personal or commercial blog. But if you enjoy this plugin, you can thank me and leave a small donation for the time I’ve spent writing and supporting this plugin. And I really don’t want to know how many hours of my life this plugin has already eaten 😉

Translations

The plugin comes with various translations, please refer to the WordPress Codex for more information about activating the translation. If you want to help to translate the plugin to your language, please have a look at the translation possibility in this page here.

Donation?

You want to donate – we prefer a positive review, not more.

螢幕擷圖

  • Authenticator’s setting options at Settings → Reading.
  • Auth token for feeds is displayed on the user’s profile settings page.

安裝方式

Requirements

  • WordPress version 1.5 and later.
  • PHP 5.6 or later.
  • Single or Multisite installation.

On PHP-CGI setups:
– mod_setenvif or mod_rewrite (if you want to user HTTP authentication for feeds).

Installation

  1. Unzip the downloaded package.
  2. Upload folder include the file to the /wp-content/plugins/ directory.
  3. Activate the plugin through the Plugins menu in WordPress.

or use the installer via the back end of WordPress.

On PHP-CGI setups

If you want to use HTTP authentication for feeds (available since 1.1.0 as an optional feature) you have to update your .htaccess file. If mod_setenvif is available, add the following line to your .htaccess:

SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1

Otherwise you need mod_rewrite to be enabled. In this case you have to add the following line to your .htaccess:

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

In a typical WordPress .htaccess it all looks like:

<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteRule ^index\.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
    RewriteRule . /index.php [L]
</IfModule>

On a multisite installation:

# BEGIN WordPress
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]

# uploaded files
RewriteRule ^files/(.+) wp-includes/ms-files.php?file=$1 [L]

RewriteCond %{REQUEST_FILENAME} -f [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^ - [L]

RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteRule . index.php [L]
# END WordPress

Settings

You can change the settings of Authenticator in Settings → Reading. The settings refer to the behavior of your blog’s feeds. They can be protected by HTTP authentication (not all feed readers support this) or by an authentication token which is added to your feed URL as a parameter. The third option is to keep everything in place. So feed URLs will be redirected to the login page if the user is not logged in (send no auth-cookie).

If you using token authentication, you can show the token to the blog users on their profile settings page by setting this option.

HTTP Auth

Users can gain access to the feed with their username and password.

Token Auth

The plugin will generate a token automatically when choosing this option. Copy this token and share it with the people who should have access to your feed. If your token is ef05aa961a0c10dce006284213727730 the feed URLs look like so:

# Main feed
https://example.com/feed/?ef05aa961a0c10dce006284213727730

# Main comment feed
https://example.com/comments/feed/?ef05aa961a0c10dce006284213727730

# Without permalinks
https://example.com/?feed=rss2&ef05aa961a0c10dce006284213727730

API

Filters

  • authenticator_get_options gives you access to the current authentication token:

    <?php
    $authenticator_options = apply_filters( ‘authenticator_get_options’, array() );

  • authenticator_bypass gives you the possibility to completely bypass the authentication. No authentication will be required then.

    <?php
    add_filter( ‘authenticator_bypass’, ‘__return_true’ );

  • authenticator_bypass_feed_auth gives you the possibility to open the feeds for everyone. No authentication will be required then.

    <?php
    add_filter( ‘authenticator_bypass_feed_auth’, ‘__return_true’ );

  • authenticator_exclude_pagenows Pass an array of $GLOBALS[ 'pagenow' ] values to it, to exclude several WordPress pages from redirecting to the login page.

  • authenticator_exclude_ajax_actions AJAX-Actions (independend of _nopriv) which should not be authenticated (remain open for everyone)

  • authenticator_exclude_posts List of post-titles which should remain public, like the follow example source to public the ‘Contact’-page.

    <?php
    add_action( 'plugins_loaded', function() {
        add_filter( 'authenticator_exclude_posts', function( $titles ) {
            $titles[] = 'Contact'; // here goes the post-title of the post/page you want to exclude
            return $titles;
        } );
    } );
    

使用者評論

Functionality

giovanni1963it 2024 年 6 月 24 日
perfect

I love simplicity

gudi 2020 年 8 月 10 日
It doesn’t get easier than this. Thank you ♥

Indispensable

Peter Raschendorfer 2018 年 9 月 6 日
This is the first plugin I install on every new website to protect it until going live. Never had any problems with this handy piece of software. Thanks, Peter

Simple & effective

Mountain_King 2017 年 8 月 13 日
Just installed it and is working like a charm! Thanks!

very simply

claudio68 2017 年 5 月 5 日
that’s all

very good

janramroth 2016 年 10 月 26 日
Very simple, no configuration, just puts the login screen to WordPress frontend. Perfect for me.
閱讀全部 8 則使用者評論

參與者及開發者

以下人員參與了開源軟體〈Authenticator〉的開發相關工作。

參與者
  • Frank Bueltge
  • Inpsyde GmbH
  • Robert Windisch
  • David

〈Authenticator〉外掛目前已有 3 個本地化語言版本。 感謝全部譯者為這個外掛做出的貢獻。

將〈Authenticator〉外掛本地化為台灣繁體中文版

對開發相關資訊感興趣?

任何人均可瀏覽程式碼、查看 SVN 存放庫,或透過 RSS 訂閱開發記錄。

變更記錄

1.3.1 (2022-11-22)

  • Security Fix: Generate valid nonce only for privileged user to prevent privilege elevation.

1.3.0 (2017-11-30)

  • Fixed a topic on login of users if you exclude posts from the Authenticator.
  • Add new filter hook to bypass the plugin authenticator_bypass, see the readme.
  • Should now be ready for translations from the WordPress translation service.

1.2.3 (08/10/2017)

  • Fixed loop about settings that create a fatal error.
  • Added authentication also for REST API; probs steffenster.

1.2.2 (08/10/2017)

  • Update readme to solve support questions, it works also under newer WP versions, tested up 4.9-alpha.

1.2.1 (08/31/2014)

  • Add guard for the constant XMLRPC_REQUEST.
  • Fix for XML-RPC bug #17.
  • Enhance the readme to exclude posts/pages #18.

1.2.0 (06/26/2014)

  • Fix the PHP notice #15.
  • Fix #14.
  • Add a removal of backlink in login footer #8.
  • Filter for Ajax actions #12.
  • Redefine $reauth for redirect #11.
  • Apply API Hook for exclude several URLs from redirect #10.
  • Add settings for XML-RPC #9.
  • Add Composer support.
  • Update readme to see all information on wordpress.org repo.

1.1.0 (04/17/2014)

  • Add HTTP authentification for feeds.
  • Add settings for reading the feed.
  • Add token auth for feeds.

1.0.0 (01/20/2012)

  • Fix in multisite for redirect, also if the user does not have an account.
  • Small rewrite for better codex.

0.4.1 (04/20/2011)

  • Remove network comment for using different blogs in Multisite.

0.4.0 (04/11/2011)

  • Bugfix for login without multisite.
  • Ask for multisite.
  • Fix for using plugin with WP earlier than 3.*.
  • Also usable in mu-plugins folder.

0.3.0 (04/06/2011)

  • Add check for rights to publish posts to use the plugin on Multisite Install; only users with this rights have access to the blog of Multisite install.
  • Small changes of code.

中繼資料

  • 版本 1.3.1
  • 最後更新 3 年前
  • 啟用安裝數 2,000+
  • WordPress 版本需求 5.0 或更新版本
  • 已測試相容的 WordPress 版本 6.1.7
  • PHP 版本需求 5.6 或更新版本
  • 語言

    English (UK)、English (US)、German、及 Portuguese (Portugal).

    將這個外掛本地化為你的母語版本

  • 標籤
    accessaccessibleauthentificationloginmembers
  • 進階檢視

評分

5 星,滿分為 5 星
  • 8 個 5 星使用者評論 5 星 8
  • 0 個 4 星使用者評論 4 星 0
  • 0 個 3 星使用者評論 3 星 0
  • 0 個 2 星使用者評論 2 星 0
  • 0 個 1 星使用者評論 1 星 0

新增使用者評論

查看全部使用者評論

參與者

  • Frank Bueltge
  • Inpsyde GmbH
  • Robert Windisch
  • David

技術支援

使用者可在技術支援論壇提出意見反應或使用問題。

檢視技術支援論壇

  • 關於我們
  • 最新消息
  • 主機代管
  • 隱私權
  • 展示網站
  • 佈景主題目錄
  • 外掛目錄
  • 區塊版面配置目錄
  • Learn
  • 技術支援
  • 開發者資源
  • WordPress.tv ↗
  • 共同參與
  • 活動
  • 贊助基金會 ↗
  • Five for the Future
  • WordPress.com ↗
  • Matt ↗
  • bbPress ↗
  • BuddyPress ↗
WordPress.org
WordPress.org

Taiwan 正體中文

  • 查看我們的 X (之前的 Twitter) 帳號
  • Visit our Bluesky account
  • Visit our Mastodon account
  • Visit our Threads account
  • 造訪我們的 Facebook 粉絲專頁
  • Visit our Instagram account
  • Visit our LinkedIn account
  • Visit our TikTok account
  • Visit our YouTube channel
  • Visit our Tumblr account
程式碼,如詩