Prevent users from logging in to your Drupal site unless they know the secret key to add to the end of the login form page. ( default: http://example.com/?q=user/login&admin )
If your site has clean urls enabled you may use http://example.com/user/login?admin instead.
If a user does find out about the secret key they will still have their user account role checked during authentication. If they do not have the 'bypass disabled login' granted they will be refused access and displayed a customisable "denied" message.
This module is ideally suited for website content freezes during a migration or functionality upgrade.
- Maintenance status: Minimally maintained
- Development status: Maintenance fixes only
- Module categories: User Access & Authentication
- Reported installs: 550 sites currently report using this module. View usage statistics.
- Downloads: 7,099
- Last modified: May 9, 2016
- Stable releases receive coverage from the Drupal Security Team.
Look for the shield icon below.