Allow Access To Subfolder Of HTML For Logged In Visitors

Take a look at this thread here – it covers using .htaccess to protect a directory based on a WordPress logged in cookie.

The .htaccess in case the thread goes missing – obviously you’ll need to change uploads/premium to your directory:

# BEGIN WordPress
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^.*uploads/premium/.*
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule . /index.php [R,L]
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
# END WordPress

Edit: toscho has rightly pointed out this method is unreliable, as cookies are browser-based and easily spoofed. So, I’d like to add one more method: HEREDOC syntax. Quick and dirty, and probably horribly thought out, definitely a better way somewhere, but overall worth a shot. Basically, you’ll do a global find/replace then a global rename on the html files in your /docs directory. Assuming your files all begin with <!DOCTYPE, simply find <!DOCTYPE and replace with this:

<?php include_once('/wp-config.php');
if ( is_user_logged_in() )
{ print <<<HTML

Then find your closing </html> tag and replace it with this:

} else {
echo 'Who are you and how did you get this number?';

Batch change the filenames to .php using Renamer or something similar, and viola – you’ve added WordPress functionality to your static html files. Of course, make sure you have a backup of your files before doing any bulk operations, no matter how certain you are they’ll work. All it takes is one little typo and you’ve set yourself up for hours of tedious work reverting it.