AAM Protected Media Files


Prevent direct access to the unlimited number of media library items either for visitors, individual users or groups of users (roles). This plugin does not modify a physical file’s location or URL.

The AAM Protected Media Files plugins is the official add-on to the free Advanced Access Manager (aka AAM). While this plugin actually manages physical access to the media files, AAM provides the UI interface to define access to files.

Few Facts

  • It requires a simple manual steps in order to configure a webserver to protect direct access to /wp-content/uploads folder. For more information, please check our installation instructions;
  • It does not change a physical file’s location, content or URL. Upon deactivation, everything goes back to normal;
  • It protects all the allowed by WordPress core file types and those that are extended with third-party plugins (e.g. .svg, .sketch, etc.). For the list of all allowed extensions, check official WP documentation for the wp_get_ext_types() core function;
  • It allows you to manage access to any media file for visitors, any individual user, roles or even define the default access to all media files for everybody (this one is available with premium add-on for AAM plugin);

For more information about how properly install and use it, refer to our documentation.


  • Restrict access to media file with AAM UI
  • Restrict access to media file while editing it


  1. Upload aam-protected-media-files folder to the /wp-content/plugins/ directory.
  2. Activate the plugin through the ‘Plugins’ menu in WordPress.
  3. Configure your webserver to redirect all media request to access handler as described in installation guide.


Lês alle 2 resinsjes

Meiwurkers & amp; Untwikkelders

“AAM Protected Media Files” is iepen boarne software. De folgjende minsken hawwe bydroegen oan dizze plugin.


Oersette “AAM Protected Media Files” yn jo taal.

Ynteressearre yn ûntwikkeling?

Blêdzje troch de koade , besjoch de SVN-repository , of abonnearje op it ûntwikkelingslogboek troch RSS .



  • Changed: Bumped up the minimum required WP version to 5.0.0





  • Changed: Renamed the 401 redirect option to “Use Access Denied Redirect For Restricted Media Items”






  • Fixed Bug: Incorrectly computed file path on NGINX servers


  • Fixed Bug: Incorrectly computed physical path to a file when website is located in subfolder



  • Fixed Bug: User was not redirecting properly when access was denied. Incorrectly handled HTTP redirecting
  • Fixed Bug: Incorrectly managed file search when media file’s name follows reserved naming convention


  • Fixed Bug: AAM URI Access access options were not honored for stand-alone files in the uploads folder
  • Added New: Introduced new AAM settings that enables Access Denied Redirect service when access is denied to protected files


  • Initial version