Restricting access to the Intranet to only logged in users is a simple way of securing data and ensuring information does not end up in the wrong hands. Learn how to use simple plugins to restrict access and customize the login experience on your Intranet.
- [Instructor] Alright, let's get cracking. On my local network, I've set up an internet site on a dedicated server that I can access through the IP address. Right now, it's just a standard WordPress site, the only thing I've changed is the site title and tagline, and I'm using the 2017 theme. Throughout the course, I'll be using the 2017 theme and a child theme off 2017. And I won't really focus on how to change its appearance or anything else. That's all covered in other courses. What we're focusing on here is intranet functionality. First up, I want to restrict access to the intranet site to only logged in users.
That way, we can grant every single staff member or organization member a user id, and then they can log into the site and get access to the content that they are interested in, and need to gain access to, while anyone else is just redirected to a login page. We'll do this using two plugins. The first one is called All-In-One Intranet. Sounds like it's a huge plugin with lots of features. It's actually just a plugin for locking people out unless they have login access. So it could technically be used on any site if you want to restrict access, and the naming is a little bit misleading, but it works for our purposes.
The second plugin is called Custom Login and it does exactly what it sounds like, it changes the appearance of the login page. If you've worked with WordPress before you know the login page has this W logo at the top. This plugin allows us to change the appearance of that login page to pretty much anything we want. Can add a custom logo, custom background image, custom CSS and custom HTML. Before we get into this, I want to draw your attention to a third plugin. If you're using Active Directory login or any kind of single site login system in your company or organization, there are plugins that will support this and that will work nicely with either All-In-One Intranet or custom login or both.
So if you have that kind of infrastructure, check out this plugin, Active Directory/LDAP Login for Intranet sites or similar plugins, but they're not covered in this course. Let me show you how this all fits together. First, I'll go to the backend of my site. Go to Plugins, Add New, and search for all in one intranet. Here's the plugin. We'll install it, activate it, and once activated I can either go to the Settings Directory from the Plugins list or go to Settings and All-In-One Intranet.
This plugin only has three settings. The first one is the one that toggles the functionality on and off so when it's checked you can only gain access to the content if you're logged in, otherwise you'll be redirected to the login page. That's exactly what we want. Once someone gets to the login page and logs in we can choose to redirect them to a custom page. If we don't, they'll be redirected directly to wherever they were going or to the home page, and finally we can set an auto logout timer to log a user out if they have not been active for either minutes, hours or days.
I'm not going to change anything here, I'm just going to test this in an incognito window. And as you can see, once the plugin is active, I'm always redirected to the login page no matter what I do. So if I try to go back to the homepage, login page. If I try to go to any other page, I just keep getting back to the login page. Now you also see why we need to change the appearance of this page a little bit, because right now it's just a generic WordPress login page, and because we don't really have any information it's hard to know where you are. I want to swap out the WordPress logo with a custom logo I've created previously, and I do that with a custom login plugin.
So I go back to Plugins, Add New, search for custom login. Here I get a myriad of options. The one I want to use is the first one here. Install it, activate it, and just like before we can either go to the settings directly from the plugins list, or by going to Settings and Custom Login. This login has a ton of features, and you have full control over the appearance of the login page. You can add custom HTML, you can add custom backgrounds, custom logos and even custom CSS.
For my purposes I only want to deactivate the WP logo, so I go to Logo and check the box, and then upload a custom logo in place of it. So here it's important to upload a logo that is exactly 320 pixels wide, otherwise everything will look kind of strange. So I'll browse my computer, go and upload a file, find my small logo, insert it, click Save Design Settings, go back to my incognito window and reload the page, and here I've noticed the plugin is a little bit weird so it doesn't always refresh automatically, so I usually toggle this off and then toggle it back on again and save design settings a couple of times.
And then when I go back to the window and reload, you'll see the new logo in place of the old one. So now, it's clear you're logging into Radio Willingdon. I can test to see what happens when I login by going to my own account. And here I gain access to the front end. So because I haven't set up any custom landing page, I'm landing on the front page. You can choose to set up a custom landing page by going to the All-In-One Intranet page and then just setting in the URL for that. It's entirely up to you. But now restrictions work, and only logged in users are able to gain access to the site.
Next up, we'll look at how to create those logged in users.
- Preparing to set up an intranet site
- Planning for content management
- Creating information architecture
- Managing access, users, roles, and capabilities
- Create custom WordPress post types
- Building a theme
- Customizing the appearance of posts
- Adding advanced forms
- Creating intranet site navigation
- Maintaining an offline WordPress site
- Updating plugins and themes