:: TechBlog ::

This plugin is pretty simple (yet effective) – so i’ll try and keep things short.

You can use this plugin to limit the visibility of your WordPress 2.3 site to only logged in users that have a specific (pre-defined) WP Capability. Any of the standard WP Capabilities can be used, like: read, edit_posts, publish_posts, edit_users, manage_options, etc. Custom capabilities can also be used.

Good for multi-blog setups with unified logins (single login with shared cookies) where you want some users to be able to access one site but not another unless they have certain permissions.

This plugin is based on Angsuman’s Authenticated WordPress Plugin. All I did was combine his redirect function with some of my own logic. Now you can have slightly finer grained control over who is allowed to acces your WP site.

Download:
You can get the Limit Visibility by Capability plugin (v1.0) here.

Install:
1. Place the file: limit_by_caps.php in your /wp-content/plugins/ directory.
2. Activate the plugin.
3. Navigate to the Options >> Limit Visibility subpage to enable your settings.

By default, after you activate this plugin it will:
1. Redirect all visitors who try to access your site (who are not logged in) to the Login page. (using Angsuman’s function)
2. Redirect all logged in users without the “manage_options” capability (everyone except the Admin) to http://wordpress.org

You can also Customize the Settings: (recommended)
1. Change the minimum Capability required to access the site to something lower. (eg: using publish_posts will typically allow all Authors, Editors, and Admins in – but not Contributors or Subscribers)
2. Change the external URL that logged in (but rejected) users get sent to into one of your choosing. (so if you are protecting a subdomain you might send these users to the top-level, “main” domain)

Here’s a screencap of the Options >> Limit Visibility subpage:

Additional Notes:
- Block posts, comments, searches, feeds
- Deny access to the entire back-end of WP (no dashboard, no write post, etc)
- No access to uploaded files (no images, no pdfs, requests for exact URLs still get blocked) still working on this..
- Works well with Options >> Privacy turned “On” (block search engines and spiders)
- Compatible with Postie plugin (post via email still works)