Restricting Access to a Folder Using .htaccess Print

  • 2

 

Restricting Access to a Folder Using .htaccess

If you want to restrict access to a specific folder on your WordPress site — such as uploads/PrivateFolder — you can modify the .htaccess file to ensure only logged-in users can access its contents.

This method is useful for protecting private files, such as restricted documents or media uploads accessible only by registered users.

 

Editing the .htaccess File

Open the .htaccess file located in the root of your WordPress installation and add the following code just after the # BEGIN WordPress line:

# BEGIN WordPress
<IfModule mod_rewrite.c>
Options +FollowSymLinks
Options +Indexes
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^.*uploads/PrivateFolder/.*
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule . /wp-login.php?redirect_to=%{REQUEST_URI} [R,L]
RewriteRule ^index\.php$ – [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
# END WordPress

 

Warning: Possible 500 Error

Adding these rules may trigger a 500 Internal Server Error if the server doesn't support certain directives. To prevent this, make sure to include the following lines before the <IfModule mod_rewrite.c> section:

Options +FollowSymLinks
Options +Indexes

 

Reference

For more information, refer to this external guide: Attachments visible only to registered users

 


Was this answer helpful?

« Back