Last month I was faced with a task, to make a blog a little more "private". It's a wordpress blog which should be available for friends but not open for everybody especially for crawlers. The easiest way to secure the blog would have been a .htaccess protection but in this case, this solution would have been to complicated for the users. There should be no need to tell people a special login or a password. Friends should be able to enter the site just by answering a simple question which everybody with a little background knowledge could know.

So I searched on the internet for a suitable plugin for wordpress, just as everybody told me that there's almost a plugin for every need. As I know how things happen around here, this solution is a bit too special for a plugin to exist for. So what to do? Use .htaccess? No. I just figured out a little hack to the index.php file of wordpress:

I implemented a small form with the question to answer and check that value. If the value is correct, I just set a cookie by my own and if the cookie is present, the visitor will be able to visit the site. The nice site effect is, that the index.php file is the center part of wordpress, so without having the cookie, it's even impossible to see any feeds.

A rough patch of the code in the index.php which could look something like this (there's still space for optimization):

if((strtolower($_POST['varName']) == 'answer1' ) || (isset($_COOKIE['nameOfCookie']) && $_COOKIE['nameOfCookie']))
{
  setcookie('nameOfCookie', true, time()+3600);
  require('./wp-blog-header.php');
}
else
{
  // display the form in here. You should know how to do that...
}