Add access restrictions to specific items of the WordPress Media Library.
Ever wanted to make your media truely private? Make sure images, videos and other files are only accessible to chosen roles, or cannot be hotlinked, with permissions specifically set per item.
This plugin adds the following major features to WordPress:
pvtmed_forbidden_response_content
(apply_filters( 'pvtmed_forbidden_response_content', $forbidden_response_content, $file );
) and pvtmed_forbidden_mimetype
(apply_filters( 'pvtmed_forbidden_mimetype', 'image/svg+xml' );
).pvtmed_is_authorized
filter (apply_filters( 'pvtmed_is_authorized', $authorized, $attachment_id );
) to apply more complex conditions for authorization.wp-content/pvtmed-uploads
folder (or equivalent if WP_CONTENT_DIR
is not the default) ; fallbacks are in place to make sure: A Must Use Pluginpvtmed-endpoint-optimizer.php
is installed automatically to make sure WordPress is loaded as lightly as possible when requesting restricted media items. Developers can safely edit it to enable their plugin to execute during such request if necessary.
The media privacy policy is set per media item – therefore, this plugin is not a replacement for general image hotlink prevention plugins, but is ideal for anyone looking for preventing direct links to files depending on specific conditions.
This section describes how to install the plugin and get it working.
/wp-content/plugins/private-media
directory, or install the plugin through the WordPress plugins screen directly.pvtmed_private_upload_url
and pvtmed_htaccess_rules
filters (see this support request for details)