Whether you are testing a new version of WordPress, setting up a new blog or have some other reason to limit access, the following information may help you keep unwanted visitors out.

Apache

There is no guaranteed way to do this. You can use the .htaccess file (which also contains your permalink code) to check for certain IP addresses and prevent them from viewing your site. This will only stop the IP address, not the person, so if they have access to an allowed IP address, they can get to your page. One tutorial for this is located at rendc.org

An .htaccess file can also be used to prevent others from “hot-linking” to your images (bandwidth theft) or to set up a password protected blog.

Apache Basic Authentication

To require a password to access your site using .htaccess and .htpasswd: rendc.org.htpasswd.

Tools that help you create the files necessary to password protect your site: rendc.org.htaccess And .htpasswd Tools

Note: When your site is accessed the password is encoded weakly using Base64 and can be easily intercepted and decoded.

Windows IIS Basic Authentication

To require a password if your site is hosted on IIS, you can deselect Allow Anonymous Access and select Basic Authentication. You’ll also need to have a username with a password.

Note: When your site is accessed the password is encoded weakly using Base64 and can be easily intercepted and decoded.