Page Restriction

Introduction

Overview

The Page Restriction extension adds advanced access control to your Magento 2 store, enabling password-protected restrictions for specific content. This feature is especially useful for B2B merchants to separate and manage access between wholesale and retail operations.

Common applications include:

Wholesale Catalog Management

Simplify access control for wholesale catalogs and pricing by applying password protection to specific product categories. Only authorized buyers can view trade pricing, ensuring confidentiality.

Partner Resources

Provide secure, password-protected access to essential resources such as technical documentation, pricing sheets, and marketing materials. This ensures sensitive information is only available to intended recipients.

Multi-tier Access

Create different access levels for varied business relationships. For example, distributors can access the full catalog, while retailers see only their specific product lines. This ensures tailored access for each audience.

SEO-Friendly Integration

Maintain your site’s discoverability with seamless SEO integration. Search engines can index your content, while user access restrictions remain enforced, ensuring both visibility and security.

System Requirements

Before installing the extension, check that your environment meets these requirements:

Magento Compatibility

• Magento 2.4.4 - 2.4.7

• Works with both Magento Open Source and Commerce editions

Server Requirements

• PHP 7.4 - 8.3

The extension doesn’t add any requirements beyond what Magento 2 already needs to run properly.

Installation

You can install this extension either through Composer or manually. Composer is recommended as it handles dependencies automatically.

Composer Installation

1. Log in to your server via SSH

2. Navigate to your Magento root directory

3. Run the following commands

composer require upvado/magento-module-page-restriction

php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento setup:static-content:deploy
php bin/magento cache:clean

Manual Installation

If you can’t use Composer, follow these steps:

1. Create this directory in your Magento installation:

app/code/Upvado/PageRestriction

2. Download the extension files and extract them to this directory. Make sure the files are owned by your Magento file system user.

3. Run these commands from your Magento root:

php bin/magento setup:upgrade
php bin/magento setup:di:compile
php bin/magento setup:static-content:deploy
php bin/magento cache:clean

Post-Installation

After installing, check that the extension appears in your admin panel:

1. Clear your browser cache

2. Log out of the admin panel and log back in

3. Look for “Upvado” in the main menu

4. Navigate to Stores > Configuration > Upvado > Page Restriction to verify the extension settings are accessible

If you don’t see the configuration section, try:

• Clearing the Magento cache again.

• Checking the app/etc/config.php file to confirm the module is listed.

• Looking in var/log/upvado/error.log or var/log/system.log for any error messages,

Configuration

After installation, you’ll need to configure the extension to work with your store. All settings are managed through the Magento admin panel.

Basic Setup

1. Go to Stores > Configuration > Upvado > Page Restriction

2. Make sure you’re on the right store view (top left of the configuration page)

Here’s what each setting does:

General

• Enable/Disable: Activates or deactivates the extension without uninstalling it.

• Session Lifetime: Specifies how long (in seconds) a successful login remains valid. The default is 86400 (24 hours).

• Excluded Pages: Pages that should never be restricted. Home page is a common choice here

• Allowed Bots: Permits search engines to access restricted content, preserving your site’s SEO performance.

Login Page

• Title: The heading displayed at the top of the login page.

• Description: Informative text shown to users on the login page.

Restricted Page

• Custom HTML Content: The content displayed when users encounter a restricted page. HTML can be used for customization.

Setting Up Restrictions

Navigate to Upvado > Manage Page Restriction in your admin panel. This is where you’ll create and manage your access rules.

Creating a New Restriction

1. Click “New Page Restriction”

2. Complete the following sections:

Basic Settings

• Name: Internal reference only, customers don’t see this

• Status: Set to active or inactive

• Store View: Specify which store views the restriction applies to.

• Priority: Assign a priority value (lower numbers indicate higher priority, with 0 being the highest).

Access Control

• Customer Groups: Pick which customer groups this applies to.

• Passwords: Add one or more passwords for this restriction - Each password must be unique within a store view. - Passwords are stored securely and hidden after saving.

Content Selection

Choose the content to restrict:

• CMS Pages: Static pages like About Us

• Categories: Entire product categories

• Products: Individual products

• Custom URLs: Specific pages or routes

You can mix and match these - one restriction can cover multiple pages, categories, and products.

Priority System

The priority system (0-1000) determines which restriction wins when multiple rules could apply:

• A product within a restricted category might also have its own restriction.

• A CMS page could be affected by multiple rules.

• Lower priority numbers (closer to 0) always override higher ones.

Refer to Page Restriction Priority Process for a comprehensive explanation and detailed insights.

Important Notes

• Changes may take several minutes to apply due to caching mechanisms.

• Always test restrictions in an incognito or private browser window to avoid session conflicts.

• Check the system logs at var/log/upvado/*.log to troubleshoot any issues.

• Excluded pages always take precedence and are not affected by other restrictions.

Features

Building on the configuration options, the extension offers advanced features to address complex access control requirements.

Multiple Protection Layers

You can combine different restriction types to create advanced access patterns:

Example:
 - Protect an entire category with a single password.
 - Apply additional restrictions to individual products within the category.
 - Configure unique permissions for different store views.

Customer Group Integration

Beyond password protection, you can:

• Target specific customer segments

• Create different rules for wholesalers vs. retailers

• Override group restrictions with passwords when needed

Login Management

The extension handles login sessions intelligently:

• Sessions persist across restricted areas

• Independent from Magento’s customer login

• Can be cleared selectively without affecting customer accounts

Custom URL Restriction

When restricting custom URLs:

• Add one complete URL per line

• Each URL must be exact, like:

/checkout/onepage/success
/checkout/cart
/checkout

There’s no pattern matching or wildcards - you need to add each URL you want to restrict individually.

Developer Guide

Page Restriction Priority Process

Understand how page restrictions are prioritized and applied within the system. The flowchart illustrates the decision-making and validation processes:

Page Restriction Validation Process

This flowchart highlights the validator execution.

For a comprehensive overview of the page restriction logic and code implementation, refer to the developer documentation available at: <extension-root>/docs/

Custom development

• Override or add custom bots using dependency injection

• Add excluded routes programmatically via di.xml

• Create custom validation rules for page restrictions

Check the developer documentation in <extension-root>/docs/ for implementation details.