PDA Access Restriction extension allows you to protect all files inside a WordPress folder. It comes in handy if the files you want to protect don’t display under Media Library. Even though you can protect multiple folders at once, you have to give them the same permission.
In this article, we will guide you on how to extend the folder protection feature by granting different access permissions to different folders.
Requirements:
- PDA Access Restriction version 1.3.1 or greater
- Prevent Direct Access Gold version 3.1.6 or greater
Grant folder access based on user roles
Step 1: Define your new access permission rules by adding them into wp-config.php file. Below is a sample rule.
define('PDA_FOLDER_PROTECTION',
[
[
'folder' => 'folder-A',
'permission' => array('administrator', 'editor'),
],
[
'folder' => 'folder-B/01',
'permission' => 'logged_in_users'
],
]
);
Each rule contains 2 values:
- folder: The path of your WordPress folder.
If the full path of your folder is something like https://your-website.com/wp-content/uploads/folder-A, the folder in the rule will be ‘folder-A‘.
Similarly, the full path of your folder is something like https://your-website.com/wp-content/uploads/folder-B/01, the folder in the rule will be ‘folder-B/01‘.
- permission: Define who has permission to access the files inside the corresponding folder. If this value is empty, the folder is accessible to no one.
In the example above, administrators and editors can access folder-A while all users who logged into your site can see all files stored in subfolder 01 of folder-B.
Step 2: Go to Prevent Direct Access Gold settings page and click on “Save Changes” button to add this rule into your .htaccess file. You need to do it whenever you update the folder in the wp-config.php file.
define( 'PDA_FOLDER_PROTECTION',
[
[
'folder' => 'folder-A/01',
'permission' => array('administrator', 'editor'),
],
[
'folder' => 'folder-A',
'permission' => 'logged_in_users'
],
]
);
Please note that this feature is applicable to folders under WordPress “uploads” directory only.
Grant folder access based on users
Let’s you have created some different folders for your users under a specific main folder and name folder after the username.
To restrict file access in a specific sub-folder to each user, simply add the following constant to your wp-config.php file.
define( 'PDA_UN_ROOT_FOLDER', array('sample', 'users') );
Auto-create folders based on username
- Create folders for all existing users automatically
if (function_exists('pda_ar_create_folder_based_on_username')) {
$users = get_users();
$user_ids = array_map(
function ($user) {
return $user->ID;
},
$users
);
pda_ar_create_folder_based_on_username('sample', $user_ids);
}
- Create folders for some certain users automatically
if (function_exists('pda_ar_create_folder_based_on_username')) {
pda_ar_create_folder_based_on_username('sample', array(1, 2, 3));
}
