Select Page

Securing a WordPress blog

 I’ve been hosting a family blog and photo site for a good friend for over a year.

They decided recently to ‘lock down’ the site and restrict access to both the blog and the photos to family and friends only.

I spent some of yesterday doing this.

I’ve extensively use WPG2 to integrate WordPress and Gallery2 – and I use the permissions and roles within Gallery2 to successfully limit access to pictures. The most striking example of this is with my sisters Cub Scout web site; non members can read blog posts; but not view pictures.

Securing the WordPress side was a little more tricky. Drupal has a very strong permissions module -especially useful for the anonymous user. Nothing like that for WordPress.

In the end I used the post-levels plugin from Filipe Fortes – it needed some SQL mungling to work with WordPress 2.3 – but the end results were pretty good.