The current version of the WP ADA Compliance plugin does not support password protected website scans but version 3, scheduled for release in late 2021 is expected to include support for password protected scans.
The following options will be supported:
Password Protected Directories
One approach is to use Apache Basic Authentication on a for a password protected directory.
To configure the WP ADA Compliance plugin to work with Apache Basic Authentication:
- Create a password protected directory and associate it with a username and password using your control panel.
- Log into your website and choose Web Accessibility > Settings from the dashboard menu.
- Click on the Scan and Notifications tab and locate the Password Protected Website Settings section.
- Choose “Yes” for enable support for websites that require users to be logged in.
- Enter the Apache Basic Authentication username and password in the fields provided.
- Choose Save Changes
If you plan to use automatic cron scans you will need to add authentication parameters to your cron job.
The following example shows how to create a cron job passing authentication parameters:
45 * * * * /usr/bin/wget --user=username --password=password -O - -q http://example.com/wp-cron.php
WordPress Authentication and PHP Redirect
A second approach is to redirect unauthenticated users to a login screen using a PHP redirect.
The following PHP code can be placed in your themes function.php file to redirect unauthenticated users to your login screen:
if(get_current_user_id() < 1 and $_SERVER["PHP_SELF"] !="/wp-login.php"){
wp_redirect( '/wp-login.php' ); exit;
}
To configure the WP ADA Compliance plugin to work with WordPress authentication:
- Create a PHP redirect to send users to the login screen when unauthenticated. (example provided above)
- Log into your website and choose Web Accessibility > Settings from the dashboard menu.
- Click on the Scan and Notifications tab and locate the Password Protected Website Settings section.
- Choose “Yes” for enable support for websites that require users to be logged in.
- Choose Save Changes
Note: automatic cron scans will not work when using WordPress authentication and PHP redirects.
