Basic Authentication is now available directly in the My.Pressable.com Dashboard, offering a simple and effective way to restrict access to your WordPress sites using a username and password prompt.
Basic Authentication is for users who prefer greater control over who can view their site content. This feature is ideal for Staging / Development sites and is already enabled by default in our Sandbox sites, where public access should be limited.
Enabling & Disabling Basic Authentication
For Sandbox Sites
Sandbox sites already have Basic Authentication enabled by default.
Basic Authentication can be briefly disabled on Sandbox sites by going to the WordPress β Plugins section of the site and deactivating the pressable-basic-authentication plugin:
- Basic Authentication cannot be removed through the Pressable Control Panel or WordPress Admin Dashboard for Sandbox sites.
- If Basic Authentication is disabled on a Sandbox site, it will be automatically re-enabled each day sometime between 3:00-7:00UTC. If you need Basic Authentication to be disabled, please convert the Sandbox site to a Staging site.
- While technically removable via FTP, this method is not supported and should be avoided.
- All existing sandbox sites currently using the Maintenance Mode plugin will be transitioned to use the Basic Authentication plugin instead.
For Staging and Live Sites
For Live & Staging sites, you can enable and disable Basic Authentication directly within the My.Pressable.com Dashboard by navigating to your site’s settings page in the My.Pressable.com Dashboard.
Go to Site β Advanced β Basic Authentication:
Toggle the setting to enable the feature:
This is powered by a custom pressable-basic-authentication plugin running in the background. You can also manage this setting via the Pressable API, and track changes through the job queue.
Collaborators must have the Manage WordPress permission to access the settings for Live & Staging sites.
Basic Auth Login Information
Once Basic Authentication is activated on a site, visitors to your site will see a username and password prompt before accessing any content:
Any existing WordPress user on the site (admin, customer, subscriber, etc roles) can use their WordPress username and password for the Basic Auth prompt.
For newly created sites, WordPress user passwords can be reset/updated in the WordPress Admin section of the site’s My.Pressable.com Dashboard.
Tracking Changes
All actions related to Basic Authentication are logged for transparency and auditing. You can view this activity by navigating to Site β Logs β Activity Logs in your site’s My.Pressable.com Dashboard:
This helps track when and by whom Basic Authentication was enabled or disabled.
Maintenance Mode
If you’re looking for Pressable alternatives to Basic Authentication, check out Maintenance Mode.
Frequently Asked Questions
Can all WordPress admin users use their login credentials to pass Basic Authentication?
Yes. Any valid user account on your site can use its WordPress username and password to bypass the Basic Authentication prompt.
If a user resets their WordPress password will Basic Authentication update automatically?
Yes. Basic Authentication authorizes against the WordPress users table, so any password change immediately applies to the Basic Auth login.
If a site has many users (e.g., 1,000 users) can they all authenticate?
Yes. Each user can log in using their own WordPress credentials. There is no separate or shared Basic Auth account.
Can I set different login credentials for Basic Authentication and wp-admin?
No. Basic Authentication is directly tied to the WordPress users on your site. There is no way to create separate credentials specifically for Basic Authentication.
What if I donβt want to expose my administrator account for Basic Authentication?
You can create a WordPress user with the Subscriber (or another non-admin) role and share those credentials for Basic Authentication access. This allows protected access without revealing administrator login details.
How can I permanently remove Basic Authentication from my site?
Basic Authentication can only be permanently removed by moving your site out of sandbox mode. While you can temporarily disable Basic Authentication via the MyPressable Control Panel, it will automatically re-enable for sandbox sites within 24 hours until they are transitioned to live status.
My login credentials aren’t working. Why not?
This is most commonly caused by 2FA being active for the user you are logging in as. To work around this, you can either create a new user on the Sandbox site without 2FA enabled or temporarily disable your 2FA plugin on the Sandbox site. You can disable your 2FA plugin directly from the Pressable control panel.