How to Hide a Site with WordPress

There can be many situations when you want to temporarily hide your site from public view on WordPress. Perhaps it’s in development and you don’t want viewers to see an unfinished version. Or maybe you’re taking care of some bugs and need some quiet server time for testing. In an extreme scenario, you might even be facing a massive security crisis and want to save your site from a DDoS attack.

By default, there’s no easy way to use the WordPress internal systems to hide your site. At the most, you can set a flag asking search engines not to index it. But this is a terrible solution if you only want to hide your site for a short period of time – not to mention that it won’t happen immediately. In any case, it won’t protect you against direct access. Instead if you’re looking to keep your site live and yet not allow visitors to access it, we’re going to have to use a WordPress plug-in to do the job. One of the most well-known and comprehensive add-ons for this purpose is called “Hide My Site”.

Hiding your Site on WordPress

After you’ve downloaded and installed the plug-in using the above link, you’ll immediately be asked to set a password that anyone wanting to access your site would have to provide. This will take the form of a notification bar above the plug-ins page:

Clicking this will take you to the “Hide My Site” settings page where you can enter your preferred password. By default the checkbox called “Enable Password Protection” is activated meaning that once you save your changes on this page, your site is effectively hidden. You can see what this looks like here:

This is the default access form which all free users of the plug-in can display. While this plug-in is free to use, many customization options are available only in the premium version. One of these options allows you to use another form from a variety of possibilities. But if you’re looking for a quick solution for a single site, the free version will do just fine.

Easy Development while Hiding your Site

It’s important that any solution to hide your site doesn’t adversely impact your ability to access it frequently for testing and development purposes. Otherwise you’re going to find yourself having to enter the password each and every time you yourself wish to view the results of some experiment. Luckily, the “Hide My Site” plug-in gives us two ways to facilitate this.

The first technique relies on using a number of trusted IP addresses from which to always allow access. In the settings page, scroll down till you find the text box labeled “Allow IP Addresses”.

This is an optional field containing a list of, separated IP values. Anyone accessing the website from one of the addresses in this list will be able to view it directly without having to type in a password.

The second option is a checkbox called “Allow Admins”.

When enabled, anyone who is logged in as an administrator will be able to access the website even they’re doing so from an IP address that isn’t whitelisted as above.

These two techniques ensure that you can keep your site hidden from the public but will have no problems working on it yourself.

Taking Care of Caching Issues

Caching plugins can play spoilsport with this add-on – particularly if it’s implemented by the server admins. If you find that this plug-in doesn’t work as expected, try clearing the cache and then disabling the plug-in entirely. You can always reenable it when your site goes live.

With the “Hide My Site” plug-in, you won’t have any problems keeping your WordPress blog private until it’s ready to go live!