Hello
is there anyway to password protect posts?
i want to show my clients their images in order to confirm the work, I need to post their image & get them a link with a password to access it. is it possible inside ghost?
1 Like
Hey 
And here:
1 Like
Thanks.
I saw them before post here, I want to only password protect specific posts not the entire site.
1 Like
Hmmmm⊠nothing native in Ghost because there would not be a widespread utility for such functionality, but if youâre good with code, you can roll something like this.
With Ghost Members, you can authorize the viewing of a post based on affiliation (e.g., member, paid, free, etc.). I donât see why that canât be reversed engineered to use the password protect functionality instead. Itâll be a bit of imagination, time, and programming.
If you need something more expedient, you can simply use the aforementioned Ghost Members feature, like:
- Implement a Ghost Members âfreeâ tier.
- Create a post w/ images and designate it as member only using
âpost access levelsâ. - Have the client sign up via email to view that particular post.
Success! That may be the simplest way of doing it.
1 Like
Thanks for suggestion, I should think about this.
As I currently run my graphic design / photography studio site on Ghost, I prefer to have this function also in my own site & donât use 3rd party systems.
1 Like
I would also like to see this built in to Ghost, not as a suscriber feature, but ability to password protect a post.
1 Like
Kind of got something working: I used basic server side authentication protect a collection slug. In a nutshell, Iâm on DigitalOcean and running Nginx, so I set up a user/password combo and added it to the config file for my Ghost installation in /etc/nginx/sites-enabled/. I also created a new collection so that I easily protect any new post by adding it that tag. I wrote up more detailed steps here: Password protecting only some pages on Ghost
I originally had set up what Titus was suggesting with a free tier. I set subscription access to âonly people I inviteâ so I wasnât worried about people signing up and getting access to the protected content. An alternative would be to create a paid tier for a ridiculous prices (e.g. $999,999/mo) and comp free accounts to people who you want to give access. That said, it still uses a magic link to sign in, and in some cases itâs easier to just have a simple password (e.g. to password protect your portfolio)
1 Like
This would be awesome feature. One quick solution which came to my mind is to make page instead of post. You can use some unguessable custom url like:
https://myGhostDomain.com/this-is-super-secret-slug-nobody-can-guess
To avoid indexing of such site from google bot you should inject this code into head:
<meta name="robots" content="noindex,nofollow" />
Such page link will be exploreable only in ghost sitemap.xml. It might be enough for your usecase? Just idea.
If youâre looking for an easy way with a GUI interface to control access outside that of the membership functionality which I would suggest you use, perhaps [Cloudflareâs Access product] (https://www.cloudflare.com/en-gb/products/zero-trust/access/) might suit?
If you want to âpassword protectâ the post so that people with specific emails can receive One Time Pins to enter, you could setup a Lambda / Zapier function to call Cloudflareâs API to add certain labelled member email addresses to Cloudflareâs access list. Then all people have to do it enter their email, receive a OTP through their email and theyâre in for a session period (also customisable)
Hereâs a screenshot of the âapplication domain path setupâ just to show you how easy it is to setup specific website paths or wildcard paths to protect. There is a generous free tier that they offer!
Cheers,
Alex.
1 Like