{"id":43409,"date":"2016-04-30T22:00:12","date_gmt":"2016-04-30T22:00:12","guid":{"rendered":"https:\/\/wordpress.org\/plugins-wp\/wp-htpasswd-generator\/"},"modified":"2016-06-24T22:20:27","modified_gmt":"2016-06-24T22:20:27","slug":"wp-htpasswd-generator","status":"closed","type":"plugin","link":"https:\/\/bre.wordpress.org\/plugins\/wp-htpasswd-generator\/","author":14938083,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.1.2","stable_tag":"1.1.2","tested":"4.4.34","requires":"4.4.2","requires_php":"","requires_plugins":"","header_name":"Htpasswd Generator","header_author":"Andrea Como","header_description":"","assets_banners_color":"","last_updated":"2016-06-24 22:20:27","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/it.wordpress.org\/plugins\/wp-htpasswd-generator\/","header_author_uri":"http:\/\/codingjam.it","rating":0,"author_block_rating":0,"active_installs":10,"downloads":1796,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":[],"upgrade_notice":[],"ratings":{"1":0,"2":0,"3":0,"4":0,"5":0},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.0.0","1.1.0","1.1.1","1.1.2"],"block_files":[],"assets_screenshots":{"screenshot-1.png":{"filename":"screenshot-1.png","revision":"1567317","resolution":"1","location":"plugin"}},"screenshots":{"1":"Htpasswd Generator settings page"},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[69265,1329,7906,600],"plugin_category":[54],"plugin_contributors":[97162],"plugin_business_model":[],"class_list":["post-43409","plugin","type-plugin","status-closed","hentry","plugin_tags-basic-authentication","plugin_tags-htaccess","plugin_tags-htpasswd","plugin_tags-security","plugin_category-security-and-spam-protection","plugin_contributors-andreacomo","plugin_committers-andreacomo"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/wp-htpasswd-generator.svg","icon_2x":false,"generated":true},"screenshots":[{"src":"https:\/\/ps.w.org\/wp-htpasswd-generator\/trunk\/screenshot-1.png?rev=1567317","caption":"Htpasswd Generator settings page"}],"raw_content":"<!--section=description-->\n<p>Want to protect resources in a folder only to registered users in your WordPress installation? This plugin sync any WP users with Apache basic authentication system file-based automagically: accessing protected resources will prompt for WordPress account credentials<\/p>\n\n<h3>Advanced options<\/h3>\n\n<p>If you want to protect resources with WordPress credential on another server, you can provide FTP credentials:\nthis plugin will take care to copy <code>.htpasswd_generated<\/code> to remote server. It's up to you then to configure Apache <code>.htaccess<\/code> file propertly.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload <em>plugin folder<\/em> to the <code>\/wp-content\/plugins\/<\/code> directory.<\/li>\n<li>Activate the plugin through the <strong>Plugins<\/strong> menu in WordPress.<\/li>\n<li>Go to <em>Htpasswd Generator<\/em> settings page under WordPress <em>Settings<\/em> menu<\/li>\n<li>Fill <em>Generic Settings<\/em> section to provide resource paths to protect. Remember that resource folders must alredy exist<\/li>\n<li>Now Apache will ask for basic authentication while trying to access that resources<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt>How WordPress users are synchronized with *.htpasswd_generated* file?<\/dt>\n<dd><p>This plugin <a href=\"https:\/\/codex.wordpress.org\/Plugin_API\/Action_Reference\">hooks to some WordPress Actions<\/a> involving user's <strong>creation<\/strong>, <strong>update<\/strong> or <strong>deletion<\/strong>, such as:<\/p>\n\n<ul>\n<li><em>user_register<\/em><\/li>\n<li><em>profile_update<\/em><\/li>\n<li><em>delete_user<\/em><\/li>\n<li><em>password_reset<\/em><\/li>\n<\/ul><\/dd>\n<dt>After plugin activation, only new users or updated users can access protected resources, why?<\/dt>\n<dd><p>WP user's passwords are hashed before storing on db, so they cannot be reverted to plain text for security reason. Apache basic authentication based on file expects a different type of password hashing, so this plugin cannot use WP hashed version but has to catch and hash user's password before they are hashed from WP. Unfortunately, the only way to sync <code>.htpasswd_generated<\/code> with existing users is to <strong>update their password<\/strong> (even with same value) from admin panel or from <strong>reset password<\/strong> functionality so it can be caught and hashed when still plain text.<\/p><\/dd>\n<dt>Is it opensource?<\/dt>\n<dd><p>You can fork, edit and pull request sources from <a href=\"https:\/\/github.com\/andreacomo\/wp-htpasswd-generator\">GitHub<\/a><\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.1.2<\/h4>\n\n<ul>\n<li>No new feature. Just needed to meet WordPress update system<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<ul>\n<li>Fixed issue #1: switched encryption algorithm to <em>APR1-MD5<\/em>, compatible with <strong>Apache 2.2.18 and above<\/strong>, both on Linux and Windows<\/li>\n<\/ul>\n\n<h4>1.1.0<\/h4>\n\n<ul>\n<li><strong>Automatic folder protection<\/strong>: now in new settings page you can specify folders path you want to protect: <strong>no more need<\/strong> to move and rename <code>rename_me_to_.htaccess<\/code> manually! <\/li>\n<li><strong>New FTP upload feature<\/strong>: if you need to protect a remote resource (on another server than WordPress installation), you can upload <code>.htpasswd_generated<\/code> automatically via FTP to another server. Remember to configure <code>.htaccess<\/code> file properly on remote server.<\/li>\n<\/ul>","raw_excerpt":"Sync your WordPress users with .htpasswd file for enabling Apache (2.2.18 and above) basic authentication based on file for your resources","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/43409","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=43409"}],"author":[{"embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/andreacomo"}],"wp:attachment":[{"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=43409"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=43409"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=43409"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=43409"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=43409"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/bre.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=43409"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}