{"id":258116,"date":"2025-11-04T09:27:19","date_gmt":"2025-11-04T09:27:19","guid":{"rendered":"https:\/\/wordpress.org\/plugins\/z-authorized-attachments\/"},"modified":"2026-01-08T15:59:23","modified_gmt":"2026-01-08T15:59:23","slug":"z-authorized-downloads","status":"publish","type":"plugin","link":"https:\/\/bal.wordpress.org\/plugins\/z-authorized-downloads\/","author":11501547,"comment_status":"closed","ping_status":"closed","template":"","meta":{"_crdt_document":"","version":"1.2.7","stable_tag":"1.2.7","tested":"6.9.4","requires":"5.5","requires_php":"","requires_plugins":null,"header_name":"Zodan Authorized Downloads","header_author":"Zodan","header_description":"Adds an \"Authorized only\" meta field to attachments (visible in attachment edit screen and media modal) and manages a .htaccess rewrite section.","assets_banners_color":"b67efb","last_updated":"2026-01-08 15:59:23","external_support_url":"","external_repository_url":"","donate_link":"","header_plugin_uri":"https:\/\/plugins.zodan.nl\/wordpress-authorized-downloads","header_author_uri":"https:\/\/zodan.nl","rating":0,"author_block_rating":0,"active_installs":0,"downloads":575,"num_ratings":0,"support_threads":0,"support_threads_resolved":0,"author_block_count":0,"sections":["description","installation","faq","changelog"],"tags":{"1.2.4":{"tag":"1.2.4","author":"martenmoolenaar","date":"2025-11-04 09:27:03"},"1.2.5":{"tag":"1.2.5","author":"martenmoolenaar","date":"2025-12-10 10:00:51"},"1.2.6":{"tag":"1.2.6","author":"martenmoolenaar","date":"2026-01-07 13:56:08"},"1.2.7":{"tag":"1.2.7","author":"martenmoolenaar","date":"2026-01-08 15:59:23"}},"upgrade_notice":{"1.1.1":"<p>You must visit the settings page after upgrading to ensure <code>.htaccess<\/code> rules are regenerated with your chosen file types.<\/p>"},"ratings":[],"assets_icons":{"icon-128x128.png":{"filename":"icon-128x128.png","revision":3389808,"resolution":"128x128","location":"assets","locale":""},"icon-256x256.png":{"filename":"icon-256x256.png","revision":3389808,"resolution":"256x256","location":"assets","locale":""}},"assets_banners":{"banner-1544x500.jpg":{"filename":"banner-1544x500.jpg","revision":3433688,"resolution":"1544x500","location":"assets","locale":""},"banner-772x250.jpg":{"filename":"banner-772x250.jpg","revision":3433688,"resolution":"772x250","location":"assets","locale":""}},"assets_blueprints":{},"all_blocks":[],"tagged_versions":["1.2.4","1.2.5","1.2.6","1.2.7"],"block_files":[],"assets_screenshots":{"screenshot-1.jpg":{"filename":"screenshot-1.jpg","revision":3389507,"resolution":"1","location":"assets","locale":""},"screenshot-2.jpg":{"filename":"screenshot-2.jpg","revision":3389507,"resolution":"2","location":"assets","locale":""}},"screenshots":{"1":"Settings page where you define protected file types and user roles.","2":"Media modal showing the \"Authorized only\" checkbox."},"jetpack_post_was_ever_published":false},"plugin_section":[],"plugin_tags":[1346,2470,5440,88,250231],"plugin_category":[50],"plugin_contributors":[202731,243230],"plugin_business_model":[],"class_list":["post-258116","plugin","type-plugin","status-publish","hentry","plugin_tags-attachments","plugin_tags-authorization","plugin_tags-downloads","plugin_tags-files","plugin_tags-protected-downloads","plugin_category-media","plugin_contributors-martenmoolenaar","plugin_contributors-zodannl","plugin_committers-martenmoolenaar"],"banners":{"banner":"https:\/\/ps.w.org\/z-authorized-downloads\/assets\/banner-772x250.jpg?rev=3433688","banner_2x":"https:\/\/ps.w.org\/z-authorized-downloads\/assets\/banner-1544x500.jpg?rev=3433688","banner_rtl":false,"banner_2x_rtl":false},"icons":{"svg":false,"icon":"https:\/\/ps.w.org\/z-authorized-downloads\/assets\/icon-128x128.png?rev=3389808","icon_2x":"https:\/\/ps.w.org\/z-authorized-downloads\/assets\/icon-256x256.png?rev=3389808","generated":false},"screenshots":[{"src":"https:\/\/ps.w.org\/z-authorized-downloads\/assets\/screenshot-1.jpg?rev=3389507","caption":"Settings page where you define protected file types and user roles."},{"src":"https:\/\/ps.w.org\/z-authorized-downloads\/assets\/screenshot-2.jpg?rev=3389507","caption":"Media modal showing the \"Authorized only\" checkbox."}],"raw_content":"<!--section=description-->\n<p>This plugin allows site admins to protect specific attachment file types (e.g. Pdf, Doc(x)) from direct access. Instead, the files are served through WordPress, allowing you to check if a user is logged in or has the required permissions before granting access.<\/p>\n\n<p><strong>Features:<\/strong>\n* Adds a checkbox to media attachments to mark them as \"Authorized only\".\n* Creates an internal page and rewrite rules to intercept requests to protected file types.\n* Checks user login status (or other custom logic you add) before serving files.\n* Provides a settings page to specify which file types should be protected.<\/p>\n\n<h3>License<\/h3>\n\n<p>This plugin is licensed under GPLv2 or later.<\/p>\n\n<!--section=installation-->\n<ol>\n<li>Upload the plugin files to <code>\/wp-content\/plugins\/z-authorized-downloads\/<\/code> or install via the Plugins screen.<\/li>\n<li>Activate the plugin through the 'Plugins' screen.<\/li>\n<li>Go to <strong>Settings \u2192 Authorized Downloads<\/strong> to set which file types should be protected and which roles can download protected files<\/li>\n<li>Mark attachments as \"Authorized only\" in the Media Library to restrict access.<\/li>\n<li>Optionally, override the default permitted roles per attachment in the Media Library.<\/li>\n<\/ol>\n\n<!--section=faq-->\n<dl>\n<dt id='can%20i%20customize%20the%20authorization%20logic%3F'><h3>Can I customize the authorization logic?<\/h3><\/dt>\n<dd><p>Yes. The plugin checks if the user is logged in by default, but you can extend <code>handle_protected_request()<\/code> to add role checks or other conditions.<\/p><\/dd>\n<dt id='what%20happens%20to%20unprotected%20files%3F'><h3>What happens to unprotected files?<\/h3><\/dt>\n<dd><p>Files that are not marked as \"Authorized only\" will still be directly accessible by URL.<\/p><\/dd>\n<dt id='do%20i%20need%20to%20manually%20edit%20.htaccess%3F'><h3>Do I need to manually edit .htaccess?<\/h3><\/dt>\n<dd><p>No. The plugin will manage the <code>.htaccess<\/code> rules for you when you save settings.<\/p><\/dd>\n<dt id='do%20you%20have%20plans%20to%20improve%20the%20plugin%3F'><h3>Do you have plans to improve the plugin?<\/h3><\/dt>\n<dd><p>We currently have on our roadmap:\n* Make the plugin pluggable - adding hooks for certain checks.\n* Adding a custom capability to manage which users can edit settings (both general and per file).\n* Adding more translations.<\/p>\n\n<p>If you have a feature suggestion, send us an email at <a href=\"plugins@zodan.nl\">plugins@zodan.nl<\/a>.<\/p><\/dd>\n\n<\/dl>\n\n<!--section=changelog-->\n<h4>1.2.7<\/h4>\n\n<ul>\n<li>Fixed typo \ud83d\ude44<\/li>\n<\/ul>\n\n<h4>1.2.6<\/h4>\n\n<ul>\n<li>Renamed plugin to Zodan Authorized Downloads.<\/li>\n<\/ul>\n\n<h4>1.2.5<\/h4>\n\n<ul>\n<li>Protected file are now visibly marked in the Media Library.<\/li>\n<li>Added download log.<\/li>\n<\/ul>\n\n<h4>1.2.4<\/h4>\n\n<ul>\n<li>Updated sanitizing method for array of $_POST values to satisfy plugin check.<\/li>\n<\/ul>\n\n<h4>1.2.3<\/h4>\n\n<ul>\n<li>Added help text on the settings page.<\/li>\n<li>Added some screenshots.<\/li>\n<\/ul>\n\n<h4>1.2.2<\/h4>\n\n<ul>\n<li>Small adjustments to the rendering of the meta fields to have both versions (meta-box and modal) use the same code.<\/li>\n<\/ul>\n\n<h4>1.2.1<\/h4>\n\n<ul>\n<li>Fixed Bug in handling the meta-box update function where changes were not saved correctly.<\/li>\n<\/ul>\n\n<h4>1.2.0<\/h4>\n\n<ul>\n<li>Renamed plugin to Z Authorized Downloads.<\/li>\n<li>Added default Allowed roles to download files.<\/li>\n<li>Added file-specific Allowed roles to the media file meta-box.<\/li>\n<\/ul>\n\n<h4>1.1.1<\/h4>\n\n<ul>\n<li>Added settings page for specifying protected file types.<\/li>\n<li>Improved security: uses WP_Filesystem for file reads.<\/li>\n<li>Added caching to database lookups for performance.<\/li>\n<\/ul>\n\n<h4>1.0.0<\/h4>\n\n<ul>\n<li>Initial release with meta box and basic rewrite rules.<\/li>\n<\/ul>","raw_excerpt":"Protect documents from unauthorized download.","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin\/258116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin"}],"about":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/types\/plugin"}],"replies":[{"embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/comments?post=258116"}],"author":[{"embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wporg\/v1\/users\/martenmoolenaar"}],"wp:attachment":[{"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/media?parent=258116"}],"wp:term":[{"taxonomy":"plugin_section","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_section?post=258116"},{"taxonomy":"plugin_tags","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_tags?post=258116"},{"taxonomy":"plugin_category","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_category?post=258116"},{"taxonomy":"plugin_contributors","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_contributors?post=258116"},{"taxonomy":"plugin_business_model","embeddable":true,"href":"https:\/\/bal.wordpress.org\/plugins\/wp-json\/wp\/v2\/plugin_business_model?post=258116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}