There are two options available for protecting your content: protecting your entire site, and protecting individual pages.
Passport York-protecting an entire site:
- Log into your WordPress admin panel
- In the left panel, click through Settings > Reading
- Under Site Visibility (near bottom,) you will be given a list of options:
- Select "" for a fully accessible site to everyone, including search engines
- Select "Discourage search engines from indexing this site" to limit search engine access but allow any user to visit
- Select "Visitors must have a login" to limit user access to anyone who has access to any WordPress Multisite at York (ie. a site with a url including '.info', '.lab', etc.)
- Select "Only registered users of this blogs can have access" to limit user access to users listed as a website User (to see the list, in the left navigation click on 'Users')
- Select "Only administrators can visit" to limit user access to site Administrators (to see the list, in the left navigation click on 'Users')
- Click 'Save Changes' to complete.
This allows you to restrict access to users who have some level of access to your site.
Passport York-protect selected pages using special URLs
This approach allows you to restrict page content to York Students/Faculty/Staff or just to Faculty/Staff using special URL naming conventions. Depending on which group needs access to your protected page(s), you will need to create a page with one of the following slugs:
/ppy_protected (for York Students, faculty and staff)
/ppy_secure (For York faculty and staff)
- Create a new page
- Under 'Page Attributes' ensure that under 'Parent', '(no Parent)' is selected
- Write the Title of the page as you would like for it to appear on the live page
- Next to the Permalink url, click 'Edit' and change the url "slug" to one of 2 special names that will limit access: ppy_protected or ppy_secure.
- Click 'Ok' to save
- You can use these protected pages for PPY-protected content. Note you can also create any number of child pages such as /ppy_protected/my-first-protected-page, etc. All pages with a parent page of "ppy_protected" or "ppy_secure" will also require a PPY login to view.
Important: By default embedded images and linked PDFs and other uploaded media files will NOT be protected, since WordPress stores those files in a /files/year/month folder structure. If you need to restrict access to media files, you would need to use the Media Library Folders plugin to create "ppy_protected" and/or "ppy_secure" folders and move files that need to be restricted into those folders.
UIT recommends that when confidential information needs to be shared, it be stored within YU Link (faculty and staff) or my.yorku.ca (students) if possible.