I recently wanted to develop a WordPress site on a live web server, in the root of the server, using the final domain name – however, I didn't want the public to be able to view the work in progress site.

What I would normally do in this situation is add an index.html file to the site root, then the following code into .htaccess to ensure the HTML file takes priority over WP's PHP version of the same file:

DirectoryIndex index.html index.php

However, this won't work with WordPress; it rewrites the URL to the domain root (as specified in the WP Settings panel), leaving me with access to my HTML holding page only.

So I set about a different technique. How about only allowing access to the WordPress files to my IP, and displaying the traditional HTML if the IP does not match? Well, that's what I did.

By adding a simple snippet of code to the WordPress template, you can deny access to the WP site to everyone except you (or, to be more specific, your IP address). The code looks like this:

<?php $ip=$_SERVER['REMOTE_ADDR'];
if ($ip !== "111.222.333.444") : ?>
    <!-- HTML holding page code -->
<?php else : ?>
    <!-- WordPress template code -->
<?php endif; ?>

Since my WP site used a static page for the landing page, this code needed to be inserted into my page.php template file. If you're showing posts on your landing page, add the code to the index.php template.

If you move to a different internet connection or use a dynamic IP, you will need to update the file with your current IP address.

There are 6 awesome comments...

1. 

   NEIGOGAMYDEDE - January 1, 2010 at 8:23 pm

   Awesome, I did not know about that up to now. Cheers!
2. 

   Luke - January 2, 2010 at 6:10 pm

   Easiest way I’ve found is to install the Maintenance Mode plugin and completely customise the “maintenance-mode_site.php” page.
3. 

   Lisa - February 2, 2010 at 8:52 am

   Hi there

   This is sort of related to your post… I am trying to decide if it is better for me to develop my sites locally or in a testing area in a live web server.

   I am already using MAMP / local and it all works fine. The problem is that a) I can’t show my client the website as I make progress for feedback and b) if I need assistance from wp or wpec they can help more on live sites.

   Reason for not choosing live to start with was because I was told it was really slow and that moving from a testing area (see below how I was thinking of doing it) mucks up the permalinks. I have been told recently that using something like Coda makes it really easy to develop live.

   The system I was thinking of using live would be:

   Secure a domain purely for testing: mycompanytest.com

   Build sites under: clientsite.mycompany.com

   Then move the sites once complete to:

   clientsite.com

   Is this something that would work? Sorry, have been trolling through the web trying to find some more info on this with not much luck.

   Thanks!
4. 

   Dan Luton - February 2, 2010 at 9:49 am

   Hi Lisa,

   It’s more a question of which method of development best suits the way you work and the systems you work on, rather than which is better than the other.

   I tend to develop the early stages in MAMP (simply because deployments of WP and Joomla are already available) – normally the template stuff. There comes a point where you inevitably find yourself creating sections of content layout for testing (articles, posts, sidebar data, modules, plugins), and it’s at this point where I find myself setting up on a live server to save duplicate work.

   You can, of course, develop fully on a local environment before transferring to a live server – but as you say, you do need to work on correcting the permalinks (in WP) although this is easy enough to overcome (plenty of guides on Google for doing this in a pain-free way).

   I think beyond the initial template work, working on a live server is the preferable way since the client can see the progress, and quite often I collaborate with 3rd parties at this stage, who will also need access to the site administrator.

   As for the domain choice, what you’ve described is similar to how I work – you can also protect subdomains with .htpasswd during development for added security.

   Remember if you develop in a subdomain you will still need to change the permalink structure in WP when you move to live.
5. 

   reseller hosting - April 6, 2010 at 10:09 am

   You are a very smart person! 🙂
6. 

   Collin - June 27, 2012 at 7:42 pm

   I was struggling with the same development scenario and stumbled upon the JF3 Maintenance Redirect plugin (http://www.hooziewhats.com/2010/06/jf3-maintenance-mode-plugin/). Brilliant! Works like a charm. You can allow access by IP or via unique access key emailed to specific individuals. All other visitors will see either a simple message, a static HTML page (which you have complete control over), or can be redirected elsewhere.

Leave a comment: