Automatic login into WordPress
To make a WordPress private, it seemed like using an .htaccess would be the most straight-forward and secure approach. However, you end up having to type in your username name and password twice – once to get access to the web page (web server authentication) and once more to log into WordPress.
I googled a bit and ended up on this post by Leon Bukhman. In his case, he wanted automatic login to a “guest” account. I changed the code a bit and got it working with the REMOTE_USER environment variable (this is set by the webserver).
The full PHP script for WordPress is available at
You still have to create two accounts:
- An entry in the .htaccess file for logging
- An account with the same username for the WordPress.
When you log into the website, you will be logged into WordPress with the same username. You can still log-out of WordPress (you’ll be directed to the login page) and log-in with a different name (e.g. admin).
Here’s the script for the plugin:
$user_login = getenv("REMOTE_USER");
$user = get_userdatabylogin($user_login);
//get user's ID
$user_id = $user->ID;