Beginner's Guide for WordPress - Start your WordPress Blog in minutes.
Choosing the Best
WordPress Hosting
How to Easily
Install WordPress
WordPress Plugins
View all Guides

How to Restrict WordPress Site Access by IP or Logged In Users

Last updated on by
Special WordPress Hosting offer for WPBeginner Readers
How to Restrict WordPress Site Access by IP or Logged In Users

You are about to launch a new product, and you have developed a great website for it using the world’s favorite web publishing platform, WordPress. You want to test it live on its own domain and hosting, but you are not yet ready to make it public just yet. Earlier in another article we talked about how to password protect WordPress without user registration. How about limiting access to a site for visitors who are logged in or allowed by IP addresses? In this article we will show you how to restrict WordPress site access by IP or logged in users.

Video Tutorial

If you don’t like the video or need more instructions, then continue reading.

First thing you need to do is install and activate Restricted Site Access plugin. After activating the plugin, go to Settings » Reading. Scroll down to the bottom and you will see options to configure restricted access.

Restricting access to a site for logged in users or specific IP address

Using Restricted Site Access plugin, you can restrict access to a WordPress site for logged in users only or for people with specific IP addresses. You can also choose to redirect users with no access to the site by sending them to the login page, redirect to another web address, show them a custom message, or even redirect them to a specific page (coming soon page) that you have created on the same site. Restrict by IP feature is very useful if you want multiple employees in the office to have access to the development project without requiring them to register as a user.

This plugin can be extremely useful for beta testing your site before a product launch. It is also good for creating private blogs for friends and family only. We hope that this article helps you run your projects discretely. Do you have other ways that you have used to restrict WordPress site access? Share it with us in the comments below.

Editorial Staff at WPBeginner is a team of WordPress experts led by Syed Balkhi. Page maintained by Syed Balkhi.

WPBeginner's Video Icon
Our HD-Quality tutorial videos for WordPress Beginners will teach you how to use WordPress to create and manage your own website in about an hour. Get started now »


  1. Eran says:

    The only problem is that this plugin restricts the access to lost password page as well.. this is a problem..

  2. JR says:

    Thanks a lot !!! This plugin rocks…I was exactly looking for this ..God Bless You

  3. Shoeb says:

    How to handle the scenario with the Dynamic IP addresses. If we unrestrict certain IP addresses then every time the IP address will get change. Then what to do in this situation ?

  4. Joe Njenga says:

    Can this plugin work with a single page restriction ?

  5. Mariska Van de Langenberg says:

    If you would have a subscription sign up for a product as well as a registration as affiliate on your site….would there be an option to avoid people to sign up as affiliate first and then subscribe to the product in order to get commissioned on them? Like a check on IP amongst the affiliate IP’s?

  6. kate says:

    I have a problem when my members sign up they are taken to payment page but if they click off this page they can log in without paying. How do i restrict their access until they have paid the fee

    in a nutshell How can i restrict access to my members until they pay

  7. John says:

    You can use the safe private plugin:

  8. Mona says:

    Can you please clarify the following:

    By restricting site access to those who are “logged in” – does that mean users have to set up a WordPress account? I’m trying to make it as easy as possible for the non-savvy computer user for accessing a family website.

    Also, do restricted access plugins only work on self hosted sites? What about free sites like


    • Editorial Staff says:

      Most techniques mentioned on this site including this one are for self-hosted WordPress and will not work on free

  9. Ruchi says:

    Is there a way to restrict users to only a certain section on the site, where they can access product data etc. based on an email login? I’m an amateur webmaster and have been struggling with this.

    • Editorial Staff says:

      Yes. You would have to use one of the many membership plugins such as S2 members or Easy Digital Downloads etc.

      • Ruchi says:

        Thanks. I ended up using word press access control since it allowed more customization, been workin like a charm..
        Used a lot of tips from your website though. You guys are doing a great job! Thanks much!

  10. Simon says:

    So basically install a plugin… what a very informative article.

    If anyone else is interested you can add code in your functions file to prevent anyone who is not logged in from viewing your site:

    function password_protected() {
    if ( !is_user_logged_in() ) {
    add_action(‘template_redirect’, ‘password_protected’);
    add_action(‘do_feed’, ‘password_protected’);

    • Editorial Staff says:

      Thank you for sharing an alternative code solution, but why reinvent the wheel? There is absolutely nothing wrong with installing a plugin to do a simple task. That’s what plugins are made for. Also the author of that plugin is fairly well-reputed in the community. When we need to restrict site access by IP or logged in users, we use this plugin.

    • Barry says:

      Hi simon,

      Your code seems so simple yet it doesn’t work for me. I even check by putting a simple echo before the if statement to check if the function is being called at all and it doesn’t.

      So which add_action should i use?

    • Malc says:

      Simon, this plugin allows access to a whitelist of IP addresses. Not a common request – but very useful from time to time. Do you have code that could handle that function?

Add a Comment

We're glad you have chosen to leave a comment. Please keep in mind that all comments are moderated according to our comment policy, and all links are nofollow. Do NOT use keywords in the name field. Let's have a personal and meaningful conversation.