login - How can I prevent anyone from logging into a WordPress failover site?

I have a nightly script set up to copy our site (and database) to a failover server. If our primary goes down, the failover server will provide service.

Since the failover server is overwritten every night, I don't want any of our 100+ users to log in and make changes that will be overwritten soon after. I plan to have a notice on the login page telling them the site is down and can't be edited, but users may ignore it.

Can I prevent all users from logging into the site when it's on this failover server without clobbering all the passwords in a database?

asked Oct 24, 2019 at 17:27 by Stephen S

1 Answer

One sure-fire, yet simple, method is to scramble the AUTH_KEY constant in the wp-config.php file on the backup server.

In wp-config.php, change your AUTH_KEY line to append rand(). Example:

define('AUTH_KEY',         'YOUR-SUPER-SECURE-GENERATED-KEY' . rand());

On every page, the logged-in key is altered. This prevents users from staying logged in. Note: rand() is very insecure. But we're not saving hashes, just trying to create a new value on each page load, so this should be sufficient. An attacker would need to know your AUTH_KEY (since we're appending the random value), and this setup is focusing on preventing good users from logging in, not trying to harden security against bad users.

If a user tries to log in, the login page will redirect them back to the login page indefinitely, since the cookie generated with the old AUTH_KEY is invalid each time a page is loaded.

When copying your site over every night, copy all files except wp-config.php. This may already be required for your current setup, as the connection to the failover database might have different credentials.
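
Added example (not part of the original answer and not WordPress's own code): a stand-alone PHP model of an HMAC-signed auth cookie, showing why a key that changes on every request rejects the cookie issued one request earlier, while a fixed key keeps accepting it. The `model_*` functions, the salt, user, token and password fragment are constructed for illustration, and the signing scheme is a simplified assumption about how the `AUTH_KEY`-based cookie is built.

```php
<?php
// Added illustration, not WordPress source: a simplified stand-alone model of
// the auth-cookie HMAC check. All key, salt, user and token values are constructed.
const BASE_KEY   = 'YOUR-SUPER-SECURE-GENERATED-KEY'; // placeholder from the answer
const MODEL_SALT = 'constructed-auth-salt';

// Models a keyed hash whose key is AUTH_KEY concatenated with the salt (assumption).
function model_wp_hash(string $data, string $authKey): string {
    return hash_hmac('md5', $data, $authKey . MODEL_SALT);
}

// Signature over the cookie fields; the signing key itself depends on AUTH_KEY.
function model_signature(string $user, string $frag, int $exp, string $token, string $authKey): string {
    $key = model_wp_hash("$user|$frag|$exp|$token", $authKey);
    return hash_hmac('sha256', "$user|$exp|$token", $key);
}

function model_make_cookie(string $user, string $frag, int $exp, string $token, string $authKey): string {
    return "$user|$exp|$token|" . model_signature($user, $frag, $exp, $token, $authKey);
}

function model_cookie_is_valid(string $cookie, string $frag, string $authKey): bool {
    $parts = explode('|', $cookie);
    if (count($parts) !== 4) {
        return false; // malformed cookie
    }
    [$user, $exp, $token, $sig] = $parts;
    if ((int) $exp < time()) {
        return false; // expired
    }
    return hash_equals(model_signature($user, $frag, (int) $exp, $token, $authKey), $sig);
}

$frag = 'aB3x';        // stands in for the password-hash fragment mixed into the key
$exp  = time() + 3600;

// Request 1 (login on the failover): BASE_KEY . rand() is evaluated once per request.
$keyAtLogin = BASE_KEY . rand();
$cookie     = model_make_cookie('editor', $frag, $exp, 'constructed-token', $keyAtLogin);

// Request 2 (redirect after login): rand() is evaluated again, giving a new key.
do {
    $keyNextRequest = BASE_KEY . rand();
} while ($keyNextRequest === $keyAtLogin); // force a different suffix for the demo

$fixed = model_make_cookie('editor', $frag, $exp, 'constructed-token', BASE_KEY);
printf("failover, same request: %s\n", var_export(model_cookie_is_valid($cookie, $frag, $keyAtLogin), true));
printf("failover, next request: %s\n", var_export(model_cookie_is_valid($cookie, $frag, $keyNextRequest), true));
printf("primary, fixed key:     %s\n", var_export(model_cookie_is_valid($fixed, $frag, BASE_KEY), true));
```

Run it with `php` on the command line; it does not load WordPress or touch a database.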
