Support » Fixing WordPress » How to make folder from root only available for logged users?

  • Hello,
    I have a folder (/public_html/spatiu-abonati) in which I have some pdf’s that I want to be visible only for logged users. And if someone has the link and he’s not logged, he cannot see the pdf.
    I tried with htaccess, but didn’t succeed.
    And if someone knows how to make the pdf’s I have online read-only, so they cannot be downloaded.

Viewing 8 replies - 1 through 8 (of 8 total)
  • Sounds like you’re wanting to password-protect files for download. There’s several plugins that already do this for you.

    As for protecting the folder from access unless someone’ logged in, that takes more custom coding that you can probably put here. You’d probably be better off using a plugin.

    I tried htaccess with something like this, but didn’t works:

    # BEGIN WordPress
    <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /
    RewriteCond %{REQUEST_URI} ^.*spatiu-abonati/.*
    RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
    RewriteRule . /wp-login.php?redirect_to=%{REQUEST_URI} [R,L]
    RewriteRule . /wp-login.php [R,L]
    RewriteRule ^wp-login.php$ - [L]
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule . /wp-login.php [L]
    # END WordPress

    Yeah, that’s not your problem. The problem is, if you want WordPress to recognize your folder, then you’ll have to out in the call to wp-blog-header.php in the index file of the directory. Then you’ll need to do something like get_currentuserdata() with current_user-can() to check if the person is logged in AND has permission to access the folder. Setting the files as read-only is managed in your FTP settings with permissions.


    You can use a plugin.

    Is there a plugin that protects certain folders? I didn’t found any…

    Really? You didn’t find any at all? And it’s not to protect *folders* (especially folders outside of the WordPress installation – to do that you need to pay someone to help you out) it’s to protect your *files*.

    You didn’t understand… That folder I can move in wordpress, it’s not a problem.
    I have magazine, and I want my subscribers to have acces to it online and not donwload it. That folder contains the full version pdf magazines, and I want the folder to be protected from non-subscribers.
    I can put a login before the pdf’s in wordpress (that I did), but
    I need to protect the folder too. If I put hotlink protection from cpanel, it solves only direct links, if someone enters they can see the index of that folder and acces the pdf’s.
    I need something that when someone tries to enter or they can’t access it.

    Please don’t tell me I don’t understand, because I definitely do. You have files you want to protect from people who aren’t logged in, and you only want them to be able to open the files and view it through the browser, not download it and pass it around. You probably also want some sort of URL munging so people can’t directly link to the files as an extra level of protection.

    What YOU do not seem to be understanding from me is that you can’t easily make WordPress recognize the existence of a n-standard folder in the system. You can’t just plop a directory in your public_html directory and expect WordPress to know what to do with it. .htaccess can’t tell if someone is logged in, either, so using that won’t work.

    What you CAN do is use a plugin that will protect your files as you upload them through the media uploader. That’s the simplest (and free) way to pull off what you want. I you want more customized capabilities, you’ll have to use external scripts, or premium plugins, and/or hire a developer to customize it for you. not free. Those are your options.

    Ok,thank you!

Viewing 8 replies - 1 through 8 (of 8 total)
  • The topic ‘How to make folder from root only available for logged users?’ is closed to new replies.