外掛標籤
開發者團隊
② 後台搜尋「Privex Password Protect – Lock Pages, Posts & Categories」→ 直接安裝(推薦)
原文外掛簡介
Privex Password Protect – Password Protect Pages, Posts, Categories & Your Entire WordPress Site
Privex Password Protect is the most powerful and flexible WordPress password protection plugin available. Whether you need to password protect a page, lock a WordPress post, restrict access by user role, or put your entire site behind a password wall – Privex gives you complete, granular control with a modern, beautiful UI.
Forget the limited built-in WordPress password system. Privex replaces it with a professional-grade content protection solution that supports multiple passwords per page, brute-force protection, CAPTCHA integration, cookie-based sessions, and stunning Glassmorphism password form templates.
Who Is This Plugin For?
Agencies building staging sites or client preview sites that need a site-wide password lock
Bloggers and content creators who want to restrict access to premium posts or pages
WooCommerce store owners who need to password protect products or shop pages
Membership site owners who want to lock content by user role
Developers who need a lightweight, developer-friendly content restriction plugin
Key Features: Password Protect Anything in WordPress
Per-Page & Per-Post Password Protection
Set individual passwords for any page or post. Create multiple passwords per post – perfect for sharing different access keys with different clients. (Free: up to 5 passwords per post, Unlimited in PRO)
Site-Wide Password Protection (PRO)
Lock your entire WordPress website behind a single global password. Ideal for staging environments, under-construction sites, client demos, and private membership portals.
WooCommerce Product & Shop Protection
Fully compatible with WooCommerce. Password protect specific products, your entire shop page, or complete product categories. Restrict access to exclusive items and ensure only authorized customers can view or purchase them.
Category & Archive Protection (PRO)
Restrict entire WordPress post categories or custom taxonomy archives with a single password. Useful for gating premium content sections on your blog or news site.
Child Page Inheritance
Optionally inherit password protection from parent pages to child pages – no need to set passwords on every sub-page individually.
Custom Post Type Support
Privex works with all registered Custom Post Types (CPTs). Protect portfolios, events, courses, directories, or any content type your theme or plugin creates.
Multiple Passwords per Post
Generate several unique passwords for the same page or post. Each password can have its own label, expiry date, and maximum usage limit – ideal for client management and time-limited access.
Master Password
Set a single master password that unlocks all protected content across your entire site – useful for site owners and administrators.
Admin Auto-Bypass
Logged-in administrators automatically bypass all password locks, allowing seamless content editing and previewing without entering passwords.
Cookie-Based Session Management
Visitors who unlock content are granted a secure cookie-based session so they do not need to re-enter passwords on every page visit. Session duration is fully configurable (persistent or session-only).
Beautiful Password Form Templates
Glassmorphism, Minimal, Dark & Custom Templates
Choose from multiple professionally designed password form templates including Glassmorphism, Dark Mode, Minimal, and Minimal Dark. All templates are fully responsive and look stunning on any device or screen size.
AJAX-Powered Instant Unlock
When a visitor enters the correct password, the protected content fades in instantly without any page reload. This delivers a seamless, app-like user experience and avoids caching-related issues.
Custom Template Builder (PRO)
Design your own password form from scratch using a drag-and-drop block editor. Add logo, background, custom colors, typography, animations, and more. Create unlimited custom templates.
Template Customization (Free)
Even without PRO, you can customize accent colors, card background, button style, border radius, and toggle the icon or description text directly from the settings panel.
Advanced Security Features
Brute-Force Protection
Built-in rate limiting tracks failed password attempts per IP address. After exceeding the allowed attempts, the IP is temporarily locked out for a configurable number of minutes – protecting your site from automated password-guessing attacks.
CAPTCHA Integration – Google reCAPTCHA, hCaptcha & Cloudflare Turnstile (PRO)
Optionally require visitors to complete a CAPTCHA challenge before submitting a password. Supports Google reCAPTCHA v2, Google reCAPTCHA v3 (invisible), hCaptcha, and Cloudflare Turnstile – all configurable from the Security settings panel.
IP Whitelisting & Blacklisting (PRO)
Define specific IP addresses or CIDR ranges that should always bypass protection (whitelist) or always be denied access (blacklist). Supports Cloudflare and proxy-forwarded IPs.
Concurrent Session Limits (PRO)
Control how many simultaneous devices or browsers can use the same password at the same time. Automatically invalidate older sessions when the limit is exceeded – preventing password sharing.
User Role-Based Access (PRO)
Grant access to specific WordPress user roles (e.g. Editor, Subscriber, Customer) without requiring them to enter a password at all. Combine role-based access with per-post or global password protection.
True Privacy & SEO Controls
Hide Protected Content from WordPress Search
Optionally exclude password-protected posts and pages from WordPress internal search results, so visitors cannot discover protected content through the search bar.
RSS Feed Exclusion
Automatically block password-protected content from appearing in your RSS feed. Subscribers only see content they are authorized to access.
Noindex Meta Tag for Protected Posts
Add noindex, nofollow robots meta tags to protected posts and pages so that search engines like Google do not crawl or index your private content – keeping your sensitive data off search engine results pages (SERPs).
Excerpt & Snippet Hiding
Prevent WordPress from displaying text excerpts or archive snippets of locked content in category pages, tag archives, and post grids – ensuring no content leakage.
Performance & Compatibility
Zero Bloat Architecture
Privex loads scripts and stylesheets only on pages where password protection is active. On all other pages, nothing loads. This keeps your site lightweight and fast.
Transient Caching
Access control checks use the WordPress transient API for lightning-fast performance, even on large sites with many protected posts.
Works with Popular Page Builders
Fully compatible with Elementor, Divi, Beaver Builder, Oxygen, Bricks, Visual Composer, and the native WordPress Block Editor (Gutenberg).
Caching Plugin Compatible
Designed to work alongside WP Rocket, LiteSpeed Cache, W3 Total Cache, and other popular caching solutions. The AJAX-based unlocking mechanism bypasses cache-related conflicts.
Translation Ready
100% compatible with WPML, Polylang, and Loco Translate. All user-facing strings are internationalized and ready for translation into any language.
Works with Popular Themes
Tested and compatible with Astra, Hello Elementor, OceanWP, GeneratePress, Kadence, and all other standard WordPress themes.
Use Cases for Privex Password Protect
Staging & Development Sites: Put your entire WordPress site behind a password so only your client or team can view it before launch.
Premium Content Gates: Lock blog posts, tutorials, or resources behind a password and share the key only with paying customers.
Private Membership Areas: Restrict access to members-only pages without needing a full membership plugin.
Client Portals: Create individual password-protected pages for each client with unique access keys.
Restricted WooCommerce Products: Hide products from the public and share a password-protected link only with specific buyers.
Internal Team Resources: Protect internal documentation, onboarding pages, or HR resources from the general public.
Under Construction Pages: Keep your redesigned website hidden from the public with a site-wide password lock until you are ready to launch.
External Services
This plugin optionally connects to third-party CAPTCHA services to protect password forms from automated bot attacks. These services are only used when the site administrator explicitly enables and configures them in the plugin settings (Pass Protect -> Security -> CAPTCHA Integration). No data is sent to any external service unless the administrator actively chooses a CAPTCHA provider and enters valid API keys.
Google reCAPTCHA (v2 and v3)
When Google reCAPTCHA is selected as the CAPTCHA provider, this plugin loads the reCAPTCHA JavaScript library from Google’s servers on frontend password-protected pages. Upon form submission, the CAPTCHA response token is sent to Google’s verification API along with your site’s secret key and the visitor’s IP address for validation.
Service provider: Google LLC
What data is sent: CAPTCHA response token, site secret key, visitor IP address
When data is sent: Each time a visitor submits a password form on a protected page (only when reCAPTCHA is enabled)
Service terms of use: https://policies.google.com/terms
Privacy policy: https://policies.google.com/privacy
hCaptcha
When hCaptcha is selected as the CAPTCHA provider, this plugin loads the hCaptcha JavaScript library from hCaptcha’s servers on frontend password-protected pages. Upon form submission, the CAPTCHA response token is sent to hCaptcha’s verification API along with your site’s secret key for validation.
Service provider: Intuition Machines, Inc.
What data is sent: CAPTCHA response token, site secret key
When data is sent: Each time a visitor submits a password form on a protected page (only when hCaptcha is enabled)
Service terms of use: https://www.hcaptcha.com/terms
Privacy policy: https://www.hcaptcha.com/privacy
Cloudflare Turnstile
When Cloudflare Turnstile is selected as the CAPTCHA provider, this plugin loads the Turnstile JavaScript library from Cloudflare’s servers on frontend password-protected pages. Upon form submission, the CAPTCHA response token is sent to Cloudflare’s verification API along with your site’s secret key and the visitor’s IP address for validation.
Service provider: Cloudflare, Inc.
What data is sent: CAPTCHA response token, site secret key, visitor IP address
When data is sent: Each time a visitor submits a password form on a protected page (only when Turnstile is enabled)
Service terms of use: https://www.cloudflare.com/terms/
Privacy policy: https://www.cloudflare.com/privacypolicy/
Developer Instructions
This plugin does not use any build tools. All source code is provided as-is. No compilation or bundling is required.
