Initial release with full login protection, REST API security, and automatic cache clearing.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3430247,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3430247,"resolution":"256x256","location":"assets","locale":""},"icon.svg":{"filename":"icon.svg","revision":3430247,"resolution":false,"location":"assets","locale":false}},"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":[],"block_files":[],"assets_screenshots":[],"screenshots":{"1":"Admin bar toggle with status indicator","2":"Simple settings page with REST API protection option","3":"Cache notice when caching plugins are detected"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[602,1919,870,23853,600],"plugin_category":[38,54,58],"plugin_contributors":[236095],"plugin_business_model":[],"class_list":["post-266322","plugin","type-plugin","status-publish","hentry","plugin_tags-login","plugin_tags-members","plugin_tags-private","plugin_tags-rest-api","plugin_tags-security","plugin_category-authentication","plugin_category-security-and-spam-protection","plugin_category-user-management","plugin_contributors-codeforbroke","plugin_committers-codeforbroke"],"banners":[],"icons":{"svg":"https:\/\/ps.w.org\/cfb-must-login\/assets\/icon.svg?rev=3430247","icon":"https:\/\/ps.w.org\/cfb-must-login\/assets\/icon.svg?rev=3430247","icon_2x":false,"generated":false},"screenshots":[],"raw_content":"\n
Must Login is a lightweight, user-friendly plugin that allows you to require login for your entire site with just one click. Perfect for membership sites, private blogs, intranets, or any site that needs to restrict access to registered users only.<\/p>\n\n
When enabled, all visitors must log in to view any page on your site. Administrators can quickly toggle this on or off from anywhere on the site using the admin bar.<\/p>\n\n
cfb_must_login_redirect_url<\/strong> - Customize the login redirect URL<\/p>\n\n cfb_must_login_allowed_rest_routes<\/strong> - Allow additional REST API endpoints<\/p>\n\n cfb_must_login_clear_cache<\/strong> - Triggered when cache is cleared<\/p>\n\n The plugin uses the Yes, when login is required, search engines cannot crawl your site. This is useful for private sites but should be disabled if you want search engine visibility.<\/p><\/dd>\n REST API protection requires authentication to access WordPress REST API endpoints when login is required. This prevents unauthenticated access to your site's data through the API. You can enable or disable this feature separately in the settings.<\/p><\/dd>\n Even with REST API protection enabled, the following endpoints remain accessible:\n* Authentication endpoints (JWT, Simple JWT Login)\n* Contact form endpoints (Contact Form 7, WPForms, Gravity Forms)\n* oEmbed endpoints<\/p>\n\n Developers can allow additional endpoints using the Yes! The plugin automatically detects and clears cache from popular caching plugins including:\n* WP Super Cache\n* W3 Total Cache\n* WP Rocket\n* LiteSpeed Cache\n* WP Fastest Cache\n* Autoptimize\n* Cache Enabler\n* Comet Cache\n* SG Optimizer\n* WP Optimize<\/p>\n\n When you toggle the login requirement, the cache is automatically cleared to ensure the changes take effect immediately.<\/p><\/dd>\n Version 1.0.0 requires login for the entire site. Future versions may include page exclusion options.<\/p><\/dd>\n Non-logged-in users are automatically redirected to the login page. After logging in, they're redirected back to the page they were trying to access.<\/p><\/dd>\n Yes! Must Login works alongside membership plugins and simply ensures users are logged in before viewing any content.<\/p><\/dd>\n Yes, developers can use the Developers can use the add_filter('cfb_must_login_redirect_url', function($redirect_url, $redirect_to) {\n return 'https:\/\/example.com\/custom-login';\n}, 10, 2);\n<\/code><\/pre>\n\nadd_filter('cfb_must_login_allowed_rest_routes', function($routes) {\n $routes[] = '\/my-plugin\/v1\/public';\n return $routes;\n});\n<\/code><\/pre>\n\nActions<\/h4>\n\n
add_action('cfb_must_login_clear_cache', function() {\n \/\/ Custom cache clearing logic\n});\n<\/code><\/pre>\n\nCapabilities<\/h4>\n\n
cfb_must_login_manage<\/code> capability, which is mapped to manage_options<\/code> by default. You can customize this using the map_meta_cap<\/code> filter.<\/p>\n\n\nAutomatic Installation<\/h4>\n\n
\n
Manual Installation<\/h4>\n\n
\n
\n
Will this affect search engines?<\/h3><\/dt>\n
What is REST API protection?<\/h3><\/dt>\n
Which REST API endpoints are always accessible?<\/h3><\/dt>\n
cfb_must_login_allowed_rest_routes<\/code> filter.<\/p><\/dd>\nDoes this work with caching plugins?<\/h3><\/dt>\n
Can I exclude certain pages?<\/h3><\/dt>\n
What happens to users trying to access the site?<\/h3><\/dt>\n
Does this work with membership plugins?<\/h3><\/dt>\n
Can I customize the redirect URL?<\/h3><\/dt>\n
cfb_must_login_redirect_url<\/code> filter to customize the redirect URL.<\/p><\/dd>\nHow do I allow additional REST API endpoints?<\/h3><\/dt>\n
cfb_must_login_allowed_rest_routes<\/code> filter to add custom endpoints to the allowlist:<\/p>\n\nadd_filter('cfb_must_login_allowed_rest_routes', function($routes) {\n $routes[] = '\/my-plugin\/v1\/public-endpoint';\n return $routes;\n});\n<\/code><\/pre><\/dd>\n\n<\/dl>\n\n\n1.0.0<\/h4>\n\n
\n