Tell us what you are trying to do? I have a CPT where admins can upload files and logged in users can see those files. But I need to make sure those files cannot be accessed by anyone not logged in, including search engines.
Is there any documentation that you are following? I've followed the docs for using Access to make links to files only display when logged in.
Is there a similar example that we can see? Unfortunately the site isn't publicly accessable at the moment.
What is the link to your site? I'm waiting for the domain nameservers to be changed by the registry so it's not currently available (I'm using my hosts file to access it)
Hi, let me discuss two separate concepts at play here:
1. Restricting links to specific files, so certain Users cannot see those links to the files.
2. Restricting file access, so certain Users cannot download those files from your server.
#1 can be accomplished with Access, but #2 cannot. For example, if one of the files is called "resume.pdf", and someone guesses the correct filename in your download URL directory like this:
<em><u>hidden link</u></em>
There's nothing to stop someone from downloading that file. The restrictions in place from Access can only restrict access to posts or contents displayed in posts, not the uploaded documents.
If you want to protect those files another system is required, something like a Download Manager. See the document here for more information about one of those plugins: https://toolset.com/learn/create-membership-site-wordpress-using-toolset-plugins/restricting-access-downloadable-files/
Hi Christian
Thanks for the quick reply. I thought that might be the case.
Do you think the WordPress Download Manager plugin shown in your link will solve my problem? I have two custom fields which are file uploads - one for public (allows multiple files) and one for private (also allows multiple files). Using Access with a Toolset View I've got it to only show public files when not logged in but both public and private to logged in users. This works perfectly.
But I need to be sure the private files can't be accessed at all if not logged in. The link you've given looks promising but quite in-depth so I just want to check it's possible to achieve before I launch into it.
The key is to keep it easy for site admins to add files to a custom post type and know that the private ones will really be private.
I hope that makes sense.
Other plugins I'm looking at are:
hidden link
https://wordpress.org/plugins/private-uploads/
Would either of those solve my issue?
Yes, I believe the Download Manager plugin is capable of providing the features you need to make some files public and others private. I can't answer your question about the two other plugins, though, I've never used them and have no reliable information about them.
