How to Grant Different File Access Permissions to Different WordPress Folders

PDA Access Restriction extension allows you to protect all files inside a WordPress folder. It comes in handy if the files you want to protect don’t display under Media Library. Even though you can protect multiple folders at once, you need to set them the same permission.

In this article, we will guide you on how to extend the folder protection feature by grant different access permissions to different folders.

Requirements:

Step 1: Define your new access permission rules by adding them into wp-config.php file. Below is a sample rule.

define( 'PDA_FOLDER_PROTECTION',
    [
       [
          'folder' => 'folder-A',
          'permission' => array('administrator', 'editor'),
       ],
       [
          'folder' => 'folder-B/01',
          'permission' => 'logged_in_users'
       ],
    ]
);

Each rule contains 2 values:

  • folder: The path of your WordPress folder.

If the full path of your folder is something like https://your-website.com/wp-content/uploads/folder-A, the folder in the rule will be ‘folder-A‘.

Similarly,  the full path of your folder is something like https://your-website.com/wp-content/uploads/folder-B/01, the folder in the rule will be ‘folder-B/01‘.

  • permission: Define who has permission to access the files inside the corresponding folder. If this value is empty, the folder is accessible to no one.

In the example above, administrators and editors can access the folder-A while all users who logged into your site can see all files stored in subfolder 01 of folder-B.

Step 2: Go to Prevent Direct Access Gold settings page and click on “Save Changes” button to add this rule into your .htaccess file. You need to do it whenever you update the folder in the wp-config.php file.

It’s important to remember that the more specific or “deeper” directory needs to be put in a higher position in the wp-config.php file.
define( 'PDA_FOLDER_PROTECTION',
    [
       [
          'folder' => 'folder-A/01',
          'permission' => array('administrator', 'editor'),
       ],
       [
          'folder' => 'folder-A',
          'permission' => 'logged_in_users'
       ],
    ]
);
Lasted updated on May 23, 2020