Large-scale Drupal sites often maintain a separate "staging" server to test and preview changes before they're released to the public. If you're working on a smaller project, though, it can be useful to give a few trusted testers access to a few pages of the site. In those situations, the Protected Pages module might be just what you need.

Picture of the the Protected Pages email screen

Once installed, Protected Pages allows a site's administrator to add a password prompt in front of arbitrary Drupal paths (like node/93, or /archives). Each password-protected path can be managed independently, assigned a unique password, and removed (thus opening the path up to the public) from the module's administration screen. It also allows admins to send out an email invite with the URL and password, notifying te people who should review the protected page.

Picture of the Protected Pages password screen

It's important to remember that the module's password protection operates on top of Drupal's normal access control mechanisms. It can lock down a publicly visible page, but can't grant restricted access to a page that isn't otherwise visible to a visitor. That also means that nodes protected with the module could still appear on listing pages or in Views. In addition, the approach it uses to check for protected pages is effective, but could cause performance problems on high-traffic sites that rely on heavy page caching to reduce server load.

Those caveats aside, Protected Pages could be just what the doctor ordered if you're working on a small to medium sized site, and occasionally need to preview a new post or a freshly-themed view.

Published in

Jeff Eaton

Thumbnail
Jeff Eaton is a former Senior Digital Strategist for Lullabot.

Featured Work

Latest Podcasts

Let's Connect

Want to learn more about working with us or just say hello?

Contact Us