One of the most frequently asked questions by WordPress beginners is how to set up restricted content. Whether you will want to use a plugin or restrict by user type, password, or premium content block will mostly depend on your goals. Once you know exactly what you’re trying to accomplish, accomplishing it is fairly easy.
If Privacy Is Your Main Concern:
There are many reasons why you might want certain pages and posts to be accessible to only certain users (documents for your staff or records for your clients, for example). To accomplish this, you need to establish a user role that has permissions for these pages and posts. You will personally grant these permissions for free (as opposed to them being generated automatically upon payment).
First, you need to see if there is a predefined user role that fits with what you want users to be able to do. To access the user roles, go to your WordPress dashboard, and find Users in the menu on the left. Under Users, click Add New to see the roles available. At a minimum, you will have Administrator, Editor, Author, Contributor, and Follower. If you’ve installed plugins, you may have other roles generated by those plugins. WooCommerce, for example, adds Customer and Shop Manager. For our purposes, we’ll assume you’re only working with the predefined WordPress User Roles.
Under each role, you’ll see the permissions granted to that role. Administrators can do everything on your site, including adding and deleting content, changing user permissions, and modifying your site’s appearance. You want to assign this role very carefully, if at all. Editors can access every page and post. Making your group Editors will allow them access to all of your content without allowing them to alter your site’s appearance or manage user roles. Authors can write and publish their own posts but cannot make any other changes. Contributors can write and edit their own posts, but an admin or editor has to publish them. Followers can only view content.
If none of these roles suits your needs, you can make pages and posts password protected. You will create a password for each piece of restricted content, and give it out yourself.
If none of these solutions work, you’ll likely need a membership plugin. You will also need a plugin in order to create an entirely private site. Keep in mind that the cheapest WordPress plan that allows plugins costs $25 a month, billed annually. So, if you’re working on a strict budget, you might want to make do with the predefined roles.
Next, you’ll want to add users, assign them roles, and restrict your content. From Users -> Add Users, you will add each person’s email address or WordPress username and check which user role you want them to have. Whenever you create a page or post that you want to restrict, go to the page/post dialog box in the upper right hand corner of the page, and click on Privacy. From there, you can choose Public, Restrict to Admins and Editors, or Password Protect.
If Monetization Is Your Main Concern:
If your reason for restricting content is to have people pay for it, you won’t want to use the above method. For one thing, you’ll be granting editing permissions to your subscribers, which is a huge security risk and a generally bad idea. It is somewhat better to use password protection, essentially having people pay for the password to the pages they want to access. The main drawback of this method is that you would have to manually respond to each sale with the password, potentially taking up a lot of your time and making your customers wait for content they expect to access immediately upon payment. Automating this task would increase the chance of the password(s) being leaked to nonpaying customers.
A much easier solution is to use premium content blocks. This will allow you to charge one time fees or subscription rates, and the setup is relatively easy. To learn how to do it, read this previous post.
Substance and Style 