Why You Should Assign Password to WordPress Files and How?

by Sarah Parker in Tutorials / wordpress on 29 Jan 2015

No matter whether you’re a novice or a seasoned WordPress professional, you may like to limit how some of your website files are accessed or viewed. It’s obvious, most of us, at times does not feel the need to share our website resources to all our users.

Probably by now, you would be thinking how you can restrict access to your WordPress files. A viable solution would require you to assign password to the users, whom you would like to share your resources. Put it simply, you can password-protect your WordPress installation files.


When it comes to performing such action, most of you, especially beginners or non-tech savvy individuals have a spontaneous tendency to look for a WordPress plugin that can help meet your goals. Undoubtedly, WordPress plugins provide you with everything that help you meet your website development needs. But, there will be times when you can’t find one that meet your exact needs.

In this post, I will show you how you can restrict access to your WP files with passwords manually, by writing code that allows only some users (or registered members) to access them. Before proceeding further, I would like to discuss with you some of the benefits you get to enjoy, by password-protecting your WordPress files.

Benefits of Password-Enabled WordPress Files

Making your files available to only those users having password to access them can prove beneficial to your in many ways. Let us take a look at those all the benefits you get:

Serves as a Marketing Strategy: Almost every website owner spends huge chunks of money in running promotional campaigns, to bring good traffic to their site. Wouldn’t it be better if we could meet the same objective without splurging huge amount of money? That’s exactly, what you can achieve by making your files password-enabled.

Wondering how?

We all love to explore things that are hidden from rest of the world! Likewise, assigning password to files will most likely create curiosity among users to access them. And so, users will show interests in becoming members of your site. This will save you from running special marketing campaigns to promote your website.

Keep a Tab on Users Activities: When users will log-in into your WordPress admin backend to download the password-enabled files, you’ll know how many users are actually interested in your website resources. Not only this will make you able to keep a tab on the number of users accessing your site, but will also give you an idea of users whom you can pitch for other services.

How to Make WordPress Files Password-enabled?

Here I’ll be writing a simple code using which you can make your media files password-enabled, which can only be downloaded by the logged-in users (the ones having password of the files they want to access). Make sure to add this code to your theme’s functions.php file:

if ( is_user_logged_in() ) { ?>
<p><strong>Click links to download Media file</strong></p>
<a href="http://localhost/wordpresstheme/wp-content/uploads/2014/12/gr.png" download>Download Image</a>
<a href="http://localhost/wordpresstheme/wp-content/uploads/2014/12/gr.png" download>Download Image</a>
<a href="http://localhost/wordpresstheme/wp-content/uploads/2014/12/gr.png" download>Download Image</a>
<a href="http://localhost/wordpresstheme/wp-content/uploads/2014/12/gr.png" download>Download Image</a>
else {
<p><strong>Some content are password protected if you want top see click the below link </strong><br/>
	<a href="<?php echo site_url(); ?>/wp-admin">See content</a>
<?php }

For non-programmers, making even small changes or tweaks to WordPress theme’s file is not less than a nightmare. Besides, they would find the code hard to understand. So, to help you out let’s break the code down:

1. In the very first php code snippet, a conditional tag is included:

<?php if ( is_user_logged_in() ) { ?>,

This tag contains WordPress’ built-in function: is_user_logged_in(). This function is used to evaluate whether the user is logged-in into WordPress admin panel. Only, the logged-in users can download the media files i.e. images files. The aforementioned conditional tag will allow a user to download the image, when it is ‘True’. That’s it! Task accomplished. But if the value of the conditional tag is false, then it will skip rest of the code and move to the else part.

2. This step will only take place if the conditional tag is ‘False’ (this means that the user demanding access to the file is not a logged-in user). The else part will get executed, and your users will be presented with a non-login screen such as the one shown in the screenshot below:

As you can see, there is a hyperlink ‘See Files’. Clicking on it, will take the user to the wp-admin login page.

Wrapping Up!

WordPress provide us with tons of amazing features and capabilities, and making your files password-enabled to allow only members to download them is one great capability you can enjoy. Doing so, will not only prove to be a good marketing strategy but will also limit the access of your files to authenticated users only.

However, instead of using a plugin, you can write a simple code to assign password to your files.

Written by Sarah Parker

Sarah Parker is an experienced Wordpress developer who helps in converting PSD to wordpress theme and share her experiences to users. With this article, she is making people aware about how you should assign password to wordpress files.

Sarah Parker has written 1 posts.