{"id":82030,"date":"2018-02-21T22:38:20","date_gmt":"2018-02-21T22:38:20","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/jvm-protected-media\/"},"modified":"2022-09-28T09:22:51","modified_gmt":"2022-09-28T09:22:51","slug":"jvm-protected-media","status":"publish","type":"plugin","link":"https:\/\/szl.wordpress.org\/plugins\/jvm-protected-media\/","author":14773517,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.0.6","stable_tag":"trunk","tested":"6.0.11","requires":"4.4.1","requires_php":"","requires_plugins":"","header_name":"JVM Protected Media","header_author":"Joris van Montfort","header_description":"Protect access to all your media files and implement custom file access rules using hooks. Works for apache. No Multisite support.","assets_banners_color":"","last_updated":"2022-09-28 09:22:51","external_support_url":"","external_repository_url":"","donate_link":"https:\/\/www.paypal.com\/cgi-bin\/webscr?cmd=_s-xclick&hosted_button_id=VXZJG9GC34JJU","header_plugin_uri":"","header_author_uri":"http:\/\/www.jorisvm.nl","rating":0,"author_block_rating":0,"active_installs":0,"downloads":1576,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","changelog"],"tags":[],"upgrade_notice":[],"ratings":{"1":0,"2":0,"3":0,"4":0,"5":0},"assets_icons":[],"assets_banners":[],"assets_blueprints":{},"all_blocks":[],"tagged_versions":[],"block_files":[],"assets_screenshots":[],"screenshots":[],"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1346,88,84,1929,1178],"plugin_category":[50,54],"plugin_contributors":[93559],"plugin_business_model":[],"class_list":["post-82030","plugin","type-plugin","status-publish","hentry","plugin_tags-attachments","plugin_tags-files","plugin_tags-media","plugin_tags-protect","plugin_tags-protection","plugin_category-media","plugin_category-security-and-spam-protection","plugin_contributors-jorisvanmontfort","plugin_committers-jorisvanmontfort"],"banners":[],"icons":{"svg":false,"icon":"https:\/\/s.w.org\/plugins\/geopattern-icon\/jvm-protected-media.svg","icon_2x":false,"generated":true},"screenshots":[],"raw_content":"\n

Protect access to all your media files and implement your own custom file access rules using a hook. Works for apache with mod rewrite or nginx with some custom configuration. No Multisite support. This plugin is more or less a development tool for defining your own custom file access rules.<\/p>\n\n

For nginx you will need to modify the config file as nginx does not handle .htacess files. Add the following code:<\/p>\n\n

location ~ \"^\/wp-content\/uploads\/(.*)$\" {\n    rewrite ^\/wp-content\/uploads(\/.*\\.\\w+)$ \/index.php?jvm_protected_media_file=$1;\n}\n<\/code><\/pre>\n\n
Hooks<\/h3>\n\n
Without a custom hook all file access will be disabled. The user will see the 404 page for all requested files. Adding a hook is needed to handle your own file access rules. A simple example that could go into your functions.php:<\/p>\n\n
function my_file_access_rule($file_info) {\n    \/\/ Implement your own logic here\n    $userHasAccess = true;\n\n    if($userHasAccess) {\n        \/\/ Send the file output if users has access to the file\n        JVM_Protected_Media::send_file_output($file_info['path']);\n    }\n}\n\nadd_action( 'jvm_protected_media_file', 'my_file_access_rule');\n<\/code><\/pre>\n\n
The jvm_protected_media_file action has one parameter with the following file information:<\/p>\n\n
Array\n(\n    [id] => id_of_the_file\n    [url] => full\/url\/to\/your\/file\n    [path] => full\/path\/to\/your\/file\n    [is_resized_image] => bool (true if the requested file is a image thumbnail or resized version of an image)\n)\n<\/code><\/pre>\n\n
Actions<\/h3>\n\n
Available actions:<\/p>\n\n
    \n
  • jvm_protected_media_loaded (fires as soon as the plugin is loaded)<\/li>\n
  • jvm_protected_media_file (fires when a file is requested)<\/li>\n<\/ul>\n\n
    Functions<\/h3>\n\n
    To send the output of a file to you can call:<\/p>\n\n
    JVM_Protected_Media::send_file_output($fullPathToFile)\n<\/code><\/pre>\n\n\n
      \n
    1. Install the plugin from the Plugins or upload the plugin folder to the \/wp-content\/plugins\/<\/code> directory menu and then activate it. If your server does not meet the requirements the plugin will show a notification.<\/li>\n
    2. Define your own access rules in your themes functions.php<\/li>\n<\/ol>\n\n\n
      1.0.6<\/h4>\n\n
      Added nginx check and admin notice for nginx users.<\/p>\n\n
      1.0.5<\/h4>\n\n
      Tested up to 5.2.2 and added a comment for nginx usage.<\/p>\n\n
      1.0.4<\/h4>\n\n
      Better flushing of rewrite rules and plugin tested up to 5.0.3<\/p>\n\n
      1.0.3<\/h4>\n\n
      Fix for the .htaccess file being reset in some situations.<\/p>\n\n
      1.0.2<\/h4>\n\n
      Added a 24 hour cache time to the output. This effectivly trigger the 304 not modified header if the file is indeed not modified.<\/p>\n\n
      1.0.1<\/h4>\n\n
      Bug fix: When requesting files that are not in the media library the plugin was not calling the jvm_protected_media_file action. Fixed this. In this case the action is called but the file_id will remain empty.<\/p>\n\n
      1.0.0<\/h4>\n\n
      Initial release<\/p>\n\n
      Stable<\/h4>\n\n
      1.0.3<\/p>","raw_excerpt":"Restrict access to all your media files and implement your own custom file access rules.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/82030","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=82030"}],"author":[{"embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/jorisvanmontfort"}],"wp:attachment":[{"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=82030"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=82030"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=82030"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=82030"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=82030"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/szl.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=82030"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}