Skip to content

Restricting site access

Controlling content distribution via Jetpack

Jetpack adds a suite of powerful security, performance, and marketing tools to all VIP sites, including various tools to aid in content consumption, distribution, and syndication. These include:

For sites with restricted access, the behavior of these tools can be modified depending on the specific use cases.

Enabling content distribution

For sites that rely on IP Allow List or Basic Authentication to restrict access, Jetpack’s content distribution tools are automatically disabled. This means that content is blocked from being:

  • Accessed via the WordPress.com REST API or Jetpack Search via unauthenticated requests
  • Consumed via the WordPress.com Reader
  • Syndicated via the WordPress.com Firehose

If there is a preference for a site to be restricted but for content to continue to be distributed via Jetpack, add the following code snippet to the site’s vip-config.php file:

/vip-config/vip-config.php
if ( ! defined( 'VIP_JETPACK_IS_PRIVATE' ) ) {
	define( 'VIP_JETPACK_IS_PRIVATE', false );
}

Within 30 minutes, the default content distribution features that are included with Jetpack will be restored.

To selectively enable content distribution features, use the jetpack_get_available_modules filter.

Non-production environments

An application’s non-production environments will have content distribution disabled by default.

To enable content distribution for these environments, or tweak their behavior, follow the “Enabling content distribution” instructions above.

Disabling content distribution

Sites that rely on restricting access via plugins or mechanisms that aren’t native to the VIP Platform (e.g. paywalls) may want to restrict content distribution via Jetpack.

To disable content distribution via Jetpack, add the following code snippet to the site’s vip-config.php file:

/vip-config/vip-config.php
if ( ! defined( 'VIP_JETPACK_IS_PRIVATE' ) ) {
	define( 'VIP_JETPACK_IS_PRIVATE', true );
}

Content distribution via Jetpack can be code-disabled for specific subsites on a WordPress multisite.

In this example, content distribution is disabled for the subsite with the assigned subdomain subsite.example.com:

/vip-config/vip-config.php
if ( 'subsite.example.com' === $_SERVER['HTTP_HOST'] ) {
    define( 'VIP_JETPACK_IS_PRIVATE', true );
}

Content distribution via Jetpack can be code-disabled for specific subsites with a subdirectory structure:

/vip-config/vip-config.php
if ( 'example.com' === $_SERVER['HTTP_HOST'] &&
	0 === strpos( $_SERVER['REQUEST_URI'], '/subsite/' )
) {
    define( 'VIP_JETPACK_IS_PRIVATE', true );
}

Within 30 minutes, content will no longer be accessible via Jetpack’s default content distribution features.

Note

Disabling Jetpack content distribution will block content from being accessible through the Jetpack Search API. Therefore, the site will fall back to Core WordPress database search. Jetpack Search can be configured for non-public content to be accessible via authenticated requests. Enabling this function requires that Jetpack Search is activated within the codebase.

Preventing Jetpack from loading

Define the VIP_JETPACK_SKIP_LOAD constant as true in the vip-config.php file to prevent Jetpack from loading in an environment.

/vip-config/vip-config.php
define( 'VIP_JETPACK_SKIP_LOAD', true );

Caution

This is uncommon and will completely skip loading Jetpack. Be aware that the environment may lose required functionality and features (e.g. VaultPress backups, audit logs, Publicize, Jetpack SSO). Do not add this constant unless it has been fully tested against the application on a non-production environment, and there is confidence that Jetpack features will not be used any time in the future.

Preventing Jetpack from being automatically connected

If Jetpack is enabled for a site, it will automatically connect to WordPress.com when the site launches. It might take a few minutes for a site’s connection to Jetpack to appear active after a site launch.

A process will run every hour after that to check that the connection is still active. If the connection is not active, the system will attempt to reconnect.

If an environment needs to be opted out of this behavior, define the VIP_JETPACK_AUTO_MANAGE_CONNECTION as false in the site’s vip-config.php file:

/vip-config/vip-config.php
define( 'VIP_JETPACK_AUTO_MANAGE_CONNECTION', false );

Last updated: April 22, 2022