How to Grant Different File Access Permissions to Different WordPress Folders

PDA Access Restriction extension allows you to protect all files inside a WordPress folder. It comes in handy if the files you want to protect don’t display under Media Library. Even though you can protect multiple folders at once, you have to set them the same permission.

In this article, we will guide you on how to extend the folder protection feature by grant different access permissions to different folders.

Requirements:

Grant folder access based on user roles

Step 1: Define your new access permission rules by adding them into wp-config.php file. Below is a sample rule.

define('PDA_FOLDER_PROTECTION',
	[
		[
			'folder' => 'folder-A',
			'permission' => array('administrator', 'editor'),
		],
		[
			'folder' => 'folder-B/01',
			'permission' => 'logged_in_users'
		],
	]
);

Each rule contains 2 values:

  • folder: The path of your WordPress folder.

If the full path of your folder is something like https://your-website.com/wp-content/uploads/folder-A, the folder in the rule will be ‘folder-A‘.

Similarly,  the full path of your folder is something like https://your-website.com/wp-content/uploads/folder-B/01, the folder in the rule will be ‘folder-B/01‘.

  • permission: Define who has permission to access the files inside the corresponding folder. If this value is empty, the folder is accessible to no one.

In the example above, administrators and editors can access the folder-A while all users who logged into your site can see all files stored in subfolder 01 of folder-B.

Step 2: Go to Prevent Direct Access Gold settings page and click on “Save Changes” button to add this rule into your .htaccess file. You need to do it whenever you update the folder in the wp-config.php file.

It’s important to remember that the more specific or “deeper” directory needs to be put in a higher position in the wp-config.php file.
define( 'PDA_FOLDER_PROTECTION',
    [
       [
          'folder' => 'folder-A/01',
          'permission' => array('administrator', 'editor'),
       ],
       [
          'folder' => 'folder-A',
          'permission' => 'logged_in_users'
       ],
    ]
);

Grant folder access based on users

Let’s you have created some different folders for your users under a specific main folder and name folder after the username.

To restrict file access in a specific sub-folder to each user, simply add the following constant to your wp-config.php file.

define( 'PDA_UN_ROOT_FOLDER', array('sample', 'users') );

Auto-create folders based on username

  • Create folders for all existing users automatically
if (function_exists('pda_ar_create_folder_based_on_username')) {
	$users = get_users();
	$user_ids = array_map(
		function ($user) {
			return $user->ID;
		},
		$users
	);
	pda_ar_create_folder_based_on_username('sample', $user_ids);
}
  • Create folders for some certain users automatically
if (function_exists('pda_ar_create_folder_based_on_username')) {
	pda_ar_create_folder_based_on_username('sample', array(1, 2, 3));
}
Lasted updated on January 15, 2021