End to End Setup Guide for Joomla Content Access Manager

Overview

Managing content access in Joomla often involves more than just setting visibility at the article or menu level. As websites grow to include private media, restricted areas, and role-based experiences, administrators need more precise control over how content is accessed and protected. The Joomla Content Access Manager extends standard Joomla capabilities by providing structured controls for URLs, files, user roles, and login access. It is designed to help site owners implement consistent access rules while maintaining performance, security, and compatibility across Joomla versions.

Installation Steps

• Login into your Joomla site’s Administrator console.
• From left toggle menu, click on System, then under Install section click on Extensions.
• Now click on Or Browse for file button to locate and install the plugin file downloaded earlier.

• Installation of the plugin is successful. Now click on Start Using Joomla Content Access Manager Plugin button.

Configuration Steps

Step 1: Configure Media Restriction

• Go to the Settings tab. Under the Media Restriction sub-tab, enable the Media Restriction toggle to activate media restriction.
• In the File types to restrict field, you can add file type extensions by typing the extension name and pressing Enter. You can also add multiple file extensions.
• In the Enter the folder name field, you can specify the folders you want to control access to by entering the folder names, separated by a semicolon (;).
• Now select the Redirect Option from the dropdown. Here, you can choose to redirect users to a 403 page, the Joomla frontend or backend, a custom URL, or an SSO URL.

• You can view all your media folders by navigating to Content → Media.

• Then click on the Save Settings button. You will see lines of code that you need to add to your .htaccess file. If you prefer not to do this manually, click the Write rules in htaccess directly button.

• If you are using an NGINX server, go to the NGINX tab, copy the code, and paste it at the beginning of your NGINX configuration file.

Step 2: Configure Page Restriction

• Go to the Page Restriction tab. Here, you can enable the Auto redirect all pages option to redirect users to a link of your choice whenever they try to access an article page on your site.

• To further control access, enable the Enable page based restriction option. Then, select either White list URLs or Black list URLs based on your requirement. In the Enter the URLs field, add the relative URLs, separating each URL with a semicolon (;), and choose the desired redirect option for restricted URLs.

• If you want to restrict access based on IP addresses, enable the Enable IP based restriction option. Then, select either White list IPs or Black list IPs, and add the IP addresses in the Enter the IPs field, separating each IP with a semicolon (;).

• Additionally, to apply IP-based restrictions specifically to the backend, enable the Enable IP based restriction for backend option. Then, select either White list IPs or Black list IPs, and enter the IP addresses in the Enter the IPs field, separated by a semicolon (;).

• Then click on the Save Settings button to save your configuration.

Step 3: Configure Role-Based Access Control

• Next, go to the Advance Settings tab and open the Role based folder access section. Enable the Enable Role Based Media Access option, then enter the folder names for each user role, separating multiple folder names with a semicolon (;). Once done, click the Save Settings button.

• Next, under the Advance Settings tab, switch to the Role based page restriction section and enable the Enable Role Based Restriction option. Then, choose the desired redirect option, enter the page or article URLs, assign the roles that are allowed to access them, and click Save.

• Next, under the Advance Settings tab, switch to the Role based redirection section. Here, you can enable Role Based Redirection for SSO/login and define redirect URLs for each user role after login.
• Similarly, you can enable Role Based Redirection for Logout and specify the redirect URLs for each role after logout.
• If needed, you can also enable the Block Users to Login option and select the roles you want to restrict from logging in. Once configured, click Save Settings to apply the changes.

By following the above steps, you can effectively configure media, page, and access restrictions on your Joomla site using the Content Access Manager. These settings allow you to control who can access specific content, restrict access based on roles or IPs, and define custom redirection behavior to enhance both security and user experience. Make sure to review your configurations and test them to ensure everything works as expected.

Related Articles

• Easily integrate with miniOrange Joomla SSO extension.
• Key features of our Joomla Content Access Manager extension.