Categorize and Secure Your WordPress Media Files with Media Management Plugin

WordPress includes its own media library, supporting users in uploading and utilizing media files for their websites. However, it has a limitation – a lack of control for custom management of media files through various folder categories. This drawback is effectively addressed by the Media Management plugin, which enhances the customization of the media library by organizing media into categorized folders. Furthermore, the plugin implements folder restrictions for logged-in users, allowing you to control access based on user roles such as editor, admin, author, contributor, or subscriber. The plugin also provides the flexibility to create custom roles and set folder access restrictions accordingly.

In addition to user role-based restrictions, the Media Management plugin offers the option to limit access to folders based on attributes, such as Attributes Key and Attributes Value. This comprehensive approach ensures a robust level of security for your media folders. Follow the steps in the guide below to install this plugin.

Configuration Steps

1. Organize Media into Categorized Folders

• Navigate to the WordPress dashboard and access your Media Library.
• Within the media library, you can organize your media files into specific folders as per your requirements. To create a new folder, click on Add Folder and to further upload your media files into the folder, select the folder you want to upload in and then click on Add New Media File to initiate the uploading.


• You can also create a sub folder inside your parent folder by clicking on the parent folder first and then clicking on the Add Folder to create a sub folder. To view all your sub folders, click on the downward arrow, as illustrated in the image below. This allows you to effectively structure your media files into parent and subfolders, improving accessibility.


• Upon completing the upload, make a note of the corresponding Folder No. displayed. This information will be necessary for restricting media files based on role-based access.


• Note: Restricting a specific folder will also restrict all its subfolders.

2. Enable Folder Restriction

• Go to the miniOrange Prevent Files / Folders Access plugin on the WordPress dashboard and choose miniOrange Files Restriction.


• You now have the option to activate folder restriction through one way out of two options: enabling folder access for logged-in users and enabling Role-Based folder access.

A. Enable Folder Access For Logged-in Users:

• If you want to activate Folder access to logged-in users, simply toggle the switch as demonstrated below:



B. Enable Role Based folder Access:

• If you want to activate Role Based folder access, Enter the folder names in front of every role such that the particular folders will only be accessed by corresponding roles.



Note: The above settings imply that:

• Folder ID : 1 will be only accessed by Administrators (Administrator can access any folder in WordPress instance irrespective of roles restriction).
• Folder ID : 2 will only be accessed by users with the Editor role, and no other role will be able to access Folder-2 (except Administrator).
• Folder ID : 3 will only be accessed by users with the Author role, and no other role will be able to access Folder-3 (except Administrator).
• Folder ID : 4 will only be accessed by users with the Contributor role, and no other role will be able to access Folder-4 (except Administrator).
• Folder ID : 5 will only be accessed by users with the Subscriber role, and no other role will be able to access Folder-5 (except Administrator).
• You can also assign multiple folders to a role, just write the folder names separated with comma. For example, if you want Editor to have access to Folder ID : 1, Folder ID : 2 and Folder ID : 3 then write Folder ID : 1, Folder ID : 2, Folder ID : 3 in the field corresponding to Editor.
• Click the Save Settings button.
• Click on the Show Rules button and select the tab corresponding to your server, you will find the required rules there, and update the rules in the corresponding file.



C. Enable Attribute Based Folder Access:

• If you want to activate Attribute-Based folder access, provide the Attributes Key, Attributes Value, and the folder name for which you intend to grant folder access.
• You can add multiple attributes and do to so click on Add Attribute. Refer the image below for reference


• After you are done with your configuration. Click the Save Settings button.

Congratulations! You have effectively implemented Media Restriction based on file extensions and successfully applied folder restrictions to your organized media files. This includes access controls for logged-in users, as well as restrictions based on Role and Attribute parameters.




Additional Resources

• Prevent direct access to WordPress media files
• WordPress Single Sign-On (SSO) OAuth / OpenID Connect / JWT
• What is OAuth 2.0 and how does it work?
• Frequently Asked Questions (FAQs)