Not every WordPress is a public site. Some are designed for a business client in mind, and as such, contain sections or files that should be restricted to a particular readership. But wait – WordPress can do that? Are these DIY sites complex enough to build in such restrictions?

Yes, WordPress enables a range of site protections if you know what tools to use. You can use plugins to create secure customer logins, password protect your files, and even password protect your entire site. But sometimes trying to restrict your content can cause some glitches on your site.

If you’re having trouble getting the protected PDFs on your WordPress site to work properly for your clients or readers, you may be making a mistake in the encryption process or using the wrong plugin.

Here’s what you can do to troubleshoot these problems.

No Password? No Problem

Many WordPress users know that it’s possible to password protect their files, but don’t actually know how to execute this process. Is it enough to upload a pre-protected file? No, all this will do is create a situation in which readers can download the file but can’t open it, and also open you up to hackers who find away around the password. That won’t do you much good.

To apply a password to the actual download, you need to change the visibility settings on your download so that a password is required. This means that users will have to enter the password at the outset in order to download the file, and you can even hide the file URL to prevent unauthorized users from accessing it. This is the easiest way to protect your files on WordPress.

If you password protect your file, users shouldn’t be able to see the document in your site’s PDF viewer plugin, but make sure to check this out before making your post public. You don’t want to protect a downloadable file, only to have it be viewable by accident.

Send It Smarter

If you’re going to encrypt a file, the best option generally isn’t to then put it up on the web. There will always be someone out there who’s eager to unencrypt things that they shouldn’t be able to access, and you’re opening a door for them. This is why most people send encrypted files via email – it makes sure that they are delivered directly into the hands of the intended reader. If you use a WordPress to manage you ecommerce, however, it makes sense that you would want to use it as a central file location as well.

One way to combine these two processes is by using a WordPress plugin to automate the invoicing process. In this way, you can keep your files restricted to a single client, uploading them to a protected site like Dropbox or Egnyte without ever leaving your site, while avoiding the risks of putting client information onto your general page.

Beware Indexing

Though WordPress makes it easy for you to password protect your files, it surprisingly isn’t equipped to protect your files from search engine indexing. Indexing is what happens when a search engine crawls your site and records what’s on it so it can generate search results; basically, it’s what makes Google work. But if you’ve protected a PDF, you probably don’t want that information coming up on Google or any other search engine.

In order to prevent this from happening, you’ll need to alter your site’s HTML. By adding this robot.txt file to your site code, you can force search engines to skip your password-protected files when indexing your page. They’ll still have access to your general content, but they won’t be able to see any sensitive information.

With this knowledge in hand, you should be better equipped to protect files on your WordPress page. Not everything you put online needs to be completely public, but you have to be savvy if you’re going to avoid the numerous workarounds to digital privacy.