Whenever a site is under development, or its content should remain private, you want to prevent to general public
from reading it – whether deliberately or by accident.
A comman way to do this is with HTTP authorisation,
but this has some problems:
- Each user of your site has two different sets of username and password, one for the authorisation and one for
WordPress login. It’s not uncommon for some users to find this confusing.
- To set up authorisation you need access to your web server’s configuration (at least using the
.htaccess
file),
which may not be available depending on your hosting supplier.
You also need to learn how to configure the authorisation correctly, and risk breaking the site if you get it wrong.
- When the time comes to remove the authorisation, you need to edit the configuration again.
- In certain circumstances, combining authorisation with WordPress login can get a visitor into a circular redirect
loop, where the result of logging in is to redirect to the login page.
Site PIN solves these problems by replacing authorisation with a simple PIN. This has the following advantages:
- Everybody knows what a PIN is, and it’s clearly not the same as a password.
- Logging into WordPress bypasses the PIN, so you can’t lock yourself out
- It’s just a WordPress plugin, so no server configuration is necessary.
- You can change or remove the PIN from WordPress admin.