Good question. I came looking for the same thing. I’ve got links to pdf files in my posts that I don’t want non-members to have access to but it seems these files are stored publicly so anyone can access them if they know the URL (or a member has gone and posted the URL publicly somewhere).
Does this plugin protect JUST the post rather than the media used in the post and downloads that are linked to in the post?
Thanks, essaysnark. It’s useful to know there’s a solution. It’s disappointing that the solution is available only to paid members (as the explanation at your link suggests).
It’s a nice plugin for the price ($0) but given that this essential function is behind the pay wall I’m going to delete this plugin and look for something else.
Not that I want to save a few dollars, mind you, but I need to test something thoroughly, and with my own customization, before I can use it on my commercial site. A plugin needs to first pass my basic requirements before I go ahead and pay for it and this one, unfortunately, doesn’t.
I was tempted to leave a negative review to warn other users who are likely to hit the same problem, but I’ll desist because, to be fair, this plugin only claims the ability to restrict access to “posts” and “pages”.
Ah – I see what you’re saying – I had thought that that recipe was available to all users but it appears you’re right. I try to only post links to free info, that recipe does seem to require payment, my mistake.
StanLight – I just unlocked that post regarding protecting files.
http://www.paidmembershipspro.com/2011/10/locking-down-protecting-files-with-pmpro/
Its “advanced” as far as customizations go since it involves editing the wp-config and hatches files – which is why it was originally published for premium members.
Thanks for that info, Kim. Your article is very helpful.
For those unfortunate few who are running WordPress on a Windows 2012R2 server, what would the equivalent web.config file look like for a protected directory in the article you posted above and at:
http://www.paidmembershipspro.com/2011/10/locking-down-protecting-files-with-pmpro/
I found an article on the subject of url rewrite equivalents in Windows Server web.config files, but the exact syntax is unclear:
http://www.iis.net/learn/application-frameworks/install-and-configure-php-applications-on-iis/translate-htaccess-content-to-iis-webconfig
You may also wish to update the above article of your on the subject as well to address the OTHER half of your user audience.
Thanks in advance for any help you can provide.
For the information of readers, Microsoft provides an apache URL rewriter converter, where you can import your apache .htaccess and it will convert it to the required web.config format. See:
http://www.iis.net/learn/extensions/url-rewrite-module/importing-apache-modrewrite-rules
Running the IIS URL Rewriter on your sample .htaccess script fails. It says that the “RewriteBase /” command cannot be translated.
Therefore, my question remains about the appropriate web.conf file to use that will trigger your getfile.php.
Here is the equivalent web.config arrivated at upon much experimentation:
<configuration>
<system.webServer>
<rewrite>
<rules>
<rule name="Protect Member Subscriber Content">
<match url="^(.*)$" ignoreCase="false" />
<action type="Rewrite" url="/wp-content/plugins/paid-memberships-pro/services/getfile.php" />
</rule>
</rules>
</rewrite>
</system.webServer>
</configuration>
However, hitting any of the files in the protected directory from the browser address bar does as a non-logged in user does not produce any error. The files are NOT protected as advertised. The getfile.php doesn’t do its job.
Thanks for opening that article, Kim. It’s a useful recipe and I do have a dedicated server but I’m concerned about the RAM usage.
Editing htaccess etc., is not a problem but I don’t want to start with a restriction on file size. There may be larger pdfs that we make accessible to members and I don’t want that slowing the site down for new potential customers coming to our site.
Thanks for your response and action though. Much appreciated.
