Frequently Asked Questions

What is PureDevs WP Locker?

PureDevs WP Locker is a WordPress plugin that protects your entire website with a single password. It’s designed for development sites, staging environments, maintenance periods, or any situation where you need to restrict public access while allowing authorized users to view your site.

Is this plugin free?

Yes, PureDevs WP Locker is completely free and open-source. It’s available on the WordPress.org plugin repository and can be installed directly from your WordPress dashboard.

What are the system requirements?

The plugin requires:

• WordPress 3.5 or higher (tested up to 6.8.3)
• PHP 5.6 or higher (7.0+ recommended)
• MySQL 5.0 or higher
• Browser with cookie support enabled

Does it work with all themes?

Yes, PureDevs WP Locker works with any WordPress theme. The plugin operates at the WordPress level before themes are loaded, so it’s completely theme-independent.

Is it compatible with other plugins?

The plugin is designed to work alongside other WordPress plugins. However, certain security or caching plugins might need configuration adjustments. If you experience conflicts, try temporarily disabling other plugins to identify the issue.

Does it protect the entire website?

Yes, PureDevs WP Locker protects all pages, posts, archives, media files, and RSS feeds. The only exception is the WordPress admin area (/wp-admin/), which remains accessible via normal WordPress login for administrators.

Can I protect only specific pages?

No, PureDevs WP Locker is designed for site-wide protection only. If you need page-level or content-specific protection, consider using a membership plugin like Restrict Content Pro or MemberPress instead.

How does the password system work?

When visitors enter the correct password, their IP address is stored in both a cookie and the WordPress database. On subsequent visits, the plugin checks for authorization and grants access automatically without requiring password re-entry.

Will search engines still index my site?

No, search engine bots cannot bypass the password protection. Your site will not be indexed while the locker is active. This is actually beneficial for development and staging sites, preventing them from appearing in search results.

Can I have multiple passwords?

No, the plugin uses a single password for all visitors. Everyone accessing the site must use the same password. If you need individual user accounts, consider using WordPress’s built-in user management or a membership plugin.

Does it work with REST API?

The plugin primarily protects the front-end of your website. REST API access depends on your WordPress configuration and whether API authentication is required. For complete API protection, consider additional security measures.

How do I set up the plugin after installation?

After activation:

1. Go to Settings → PureDevs WP Locker
2. Enter a password in the Set Password field
3. Optionally customize the form heading and button label
4. Click Save Changes
5. Your site is now protected!

I forgot my password! What do I do?

If you forget the password:

1. Log in to WordPress admin (this is NOT protected by the plugin)
2. Go to Settings → PureDevs WP Locker
3. Set a new password
4. Click Save Changes

If you can’t access the admin, you’ll need to access your server via FTP and temporarily disable the plugin by renaming its folder.

How do I change the password?

To change the password, go to Settings → PureDevs WP Locker, enter a new password, and click Save Changes. Previously authorized visitors will remain authorized, but new visitors will need the new password.

Why do visitors need to re-enter the password sometimes?

Visitors may need to re-enter the password if:

• They cleared their browser cookies
• Their IP address changed (common with mobile networks or VPNs)
• They’re using a different browser or device
• Their authorization cookie expired

Can I customize the password page design?

Yes! You have two options:

• Basic: Customize the heading and button text through the settings page
• Advanced: Override the template file in your theme for complete design control (see Template Override Guide)

The plugin isn’t working after activation. Why?

Common reasons:

• No password set: You must set a password in the settings for protection to activate
• Already authorized: Your browser may have an authorization cookie from testing
• Caching: Clear your browser cache and try in an incognito window
• Conflict: Another plugin might be interfering

I’m locked out of my site! Help!

Don’t panic! Access your WordPress admin dashboard (which is NOT protected). Go to Settings → PureDevs WP Locker and either reset your password or deactivate the plugin from Plugins → Installed Plugins.

If you can’t access the admin, use FTP to rename the plugin folder from puredevs-wp-locker to puredevs-wp-locker-disabled.

The password page isn’t showing my customizations

Try these solutions:

• Ensure you clicked Save Changes after editing settings
• Clear your browser cache and cookies
• Test in an incognito/private browser window
• Disable any caching plugins temporarily
• Check if a template override in your theme is conflicting

Correct password isn’t working

Verify the following:

• Check for typos (passwords are case-sensitive)
• Ensure there are no extra spaces before or after the password
• Verify the password was saved correctly in the settings
• Check if JavaScript is enabled in your browser
• Try a simple test password to verify functionality

The plugin conflicts with another plugin

To identify conflicts:

1. Deactivate all other plugins except PureDevs WP Locker
2. Test if the issue persists
3. Reactivate plugins one by one to find the culprit
4. Report conflicts in the support forum

Does it work with caching plugins?

Generally yes, but you may need to exclude the password page from caching. In your caching plugin settings, add an exclusion for the PureDevs WP Locker password page or disable caching for logged-out users.

Is this plugin secure?

Yes, PureDevs WP Locker provides robust protection for its intended use case (development sites, staging, maintenance). However, it uses a single shared password rather than individual user accounts, so it’s not suitable for protecting sensitive data or production sites requiring strict access control.

How is my password stored?

The password is stored in your WordPress database as a plain-text option. Since this is a site-wide password meant to be shared, it doesn’t use password hashing like user accounts do.

Can hackers bypass the protection?

The plugin provides good protection against casual access and bots. However, determined attackers with technical knowledge might find ways around it. For production sites with sensitive data, use WordPress’s built-in authentication system and additional security measures.

Does it prevent brute force attacks?

The plugin doesn’t include built-in brute force protection or rate limiting. For additional security, consider using a dedicated security plugin alongside PureDevs WP Locker to add rate limiting and lockout features.

Should I use this on a production site?

PureDevs WP Locker is best suited for development sites, staging environments, pre-launch sites, and maintenance periods. For production sites requiring access control, consider using WordPress’s built-in user system or a membership plugin that supports individual accounts and roles.

Does it work with multisite?

The plugin can be installed on WordPress multisite networks, but it must be activated individually on each site where you want protection. Network-wide activation is not currently supported.

Is it translation-ready?

Yes, the plugin is translation-ready and can be translated through WordPress.org’s translation platform. You can also use translation plugins like WPML or Polylang to translate the interface.

Does it impact site performance?

No, PureDevs WP Locker is lightweight and has minimal performance impact. It performs a simple check on each page load and only unauthorized visitors see the password form. Authorized visitors experience no performance degradation.

Can I use hooks to extend functionality?

Currently, the plugin doesn’t include specific hooks for developers. If you need to extend functionality, you can create a custom plugin that hooks into WordPress core actions and filters, or modify the template override.

Where can I view the source code?

The plugin is open source. You can view the code on WordPress.org or access it through the SVN repository. The code is also in your WordPress installation at /wp-content/plugins/puredevs-wp-locker/.

Where can I get support?

For support, please visit the WordPress.org support forum for the plugin. You can search existing topics or create a new one describing your issue.

How do I report a bug?

Please report bugs in the WordPress.org support forum. Include:

• WordPress version
• PHP version
• Plugin version
• Description of the issue
• Steps to reproduce
• Any error messages

Can I request new features?

Yes! Feature requests are welcome in the support forum. While we can’t guarantee implementation of all requests, we carefully consider all feedback when planning future updates.

How can I contribute to the plugin?

You can contribute by:

• Reporting bugs and issues
• Suggesting new features
• Helping other users in the support forum
• Translating the plugin into other languages
• Rating the plugin on WordPress.org