This plugin allows users to subscribe to feeds requiring authentication. When using More Privacy Options in a multi-site installation RSS feeds for blogs marked as private require authentication. This plugin adds a user and site specific 40-character key on private blogs, creating a unique feed URL for each registered on user the blog. This allows feeds on private blogs to be subscribed to using feed readers that do not support authentication. As well, this allows subscription on sites where local HTTP authentication of feeds is not possible, such as those that use CAS or OpenId to authenticate users.
Primary differences from Feed Key:
- Only adds keys to the feed URLs on private sites, not all sites in the network.
- Keys are per site and per user, preventing exposure of the key for a single site from giving access to other sites the user can see.
- Presence of a feed key authenticates feed requests as the user that matches the key rather than blocking requests that don’t include a feed key.
- If no key is present the RSS feed request continues without interference for handling by other authentication hooks.
- Access control is still determined by other authentication plugins, ensuring that if a user is removed as a subscriber of a private blog, access to the feed will be denied.
- Users can revoke their own keys on a per-blog basis.
Contributors and developers, please submit issues and pull-requests via the Github repository.
Licensed under the GNU General Public License 2.0 (GPL)
- Install and network-activate the More Privacy Options plugin
- Download the
private-feed-keys.x.x.zipfile to your
wp-content/plugins/directory and unzip it.
- Network-activate the plugin through the SuperAdmin-Plugins menu in WordPress
- Feed keys will be added to feed urls when individual blog privacy options are set to „Subscribers Only“ or greater on the Settings-Privacy page
- Users (and network admins) can revoke their keys from individual blogs via the users‘ profile page.
In place of step #2 above,
cd wp-content/plugins/ then run
git clone https://github.com/adamfranco/private-feed-keys.git .
- If someone finds out my key, can they use it to access my other sites on the network?
No, keys are per-user and per-site.
- I removed a subscriber from my private site, will they still see updates?
No, the feed keys just authenticate the user, they still are checked against the subscriber list by More Privacy Options before showing them content.
- Will my feed key let me edit without logging in?
No, the key only grants access to feeds, nothing more.
- I found a bug, how can I report it?
Za tutón tykač pohódnoćenja njejsu.
Sobuskutkowarjo a wuwiwarjo
„Private Feed Keys“ je softwara wotewrjeneho žórła. Slědowacy ludźo su k tutomu tykačej přinošowali.Sobuskutkowarjo