WordPress has basic password protection for pages built in. It’s incredibly handy to provide some basic content protection, especially if you want to send some content for approval from someone who doesn’t have access to the WordPress admin.
In Gutenberg, you can find it in Post >> Visibility and change the dropdown to “Password Protected”.
In the Classic Editor, Publish >> Visibility >> Edit and change the radio button to “Password protected”.
But what do you do if you’ve set up a password for a page, but it’s still allowing access without a password? here’s some basic troubleshooting tips. This is aimed primarily at developers as it’s most likely to affect custom themes.
- Simple things first. Try opening the page in an incognito window to avoid any browser caching or chances of being logged in.
- Clear your cache. If you have a caching plugin, make sure you do a full cache clear. This is unlikely to be the cause, but we’ve seen some strange errors caused by caching plugins over the years and it can’t do any harm.
- Check your page template. This is the most important part to check – your page must have
the_content();within your loop for password protection to work. Password protection does not cover custom fields by default, but it’s not hard to make this happen – see our article on this.
There we have it – this is a rare issue but an annoying one when it pops up. The most likely culprit is point three on our list.- always use
the_content(); even if you aren’t placing any content inside or hiding it in the admin.