DEV-lock password

DEV-lock password

The HTTP Basic Auth login that gates every site's front-end during the build phase (server-level .htpasswd, removed at Go Live). Share these credentials with a client who is allowed to preview a site under construction. Saving a new password rewrites it on all currently-locked sites at once — use this if the password is ever compromised. New sites get the saved value at provisioning; if nothing is saved here, the config fallback (agency / testing) is used.

Shown in plain text on purpose — this is a shared preview gate you hand to clients, not a secret app credential. The password is rewritten on every locked site over SSH when you save.
Currently active: config fallback (nothing saved in the app yet).

How a client previews a build

Give the client the site's temporary URL plus the username and password above. Their browser shows a login prompt; once entered, they see the full work-in-progress site. The lock only blocks the front-end — /wp-admin, login and the sync endpoints stay open — and it is removed automatically at Go Live.