Folio Gatehouse

Folio Gatehouse lets you protect files inside your uploads directory by restricting access to specific WordPress user roles. Files are served through PHP — the web server never delivers them directly — so direct URL access is blocked regardless of link sharing.

Key features:

  • Zone-based protection — define named zones (subfolders inside your uploads directory) and assign allowed roles to each
  • Custom denial screens — create HTML pages shown to blocked users, with full control over styling and messaging; separate screens for anonymous and logged-in users
  • Redirect on denial — optionally redirect denied users to any URL (e.g. a sales page or membership signup) instead of showing a denial screen
  • Login redirect shortcode — [rbfa_login_link] inserts a secure login link that returns the user to the originally-requested file after authentication, using an opaque token so no file path is exposed in the URL
  • Zone virtual pages — each zone automatically gets a front-end page at /protected-zone/{slug}/ with customisable title and body content, rendered inside your active theme
  • Browsable file listing — [rbfa_files] shortcode renders a collapsible, downloadable file listing for authorised users, with per-directory file counts, sizes, and ZIP download buttons
  • Access logging — every request is logged with timestamp, username, IP, file path, and status; filterable, sortable, and exportable as CSV
  • Role management — create and manage custom WordPress roles (fgh_ prefix) directly from the plugin, with searchable member management
  • .htaccess integrity — automatically writes and repairs rewrite rules across all protected directories; optional hourly cron
  • NGINX support — dedicated tab generates ready-to-copy location blocks when NGINX is detected
  • Export / Import — back up and transfer zones, roles, denial screens, and settings as a JSON file; conflict resolution on import

Security

  • Files served through PHP (readfile) — web server never delivers protected files directly
  • Path traversal blocked by realpath() boundary check before any file is served
  • Login redirect tokens are opaque — no file path, role, or zone information in the URL
  • Denial screen HTML filtered through a strict wp_kses allowlist on save and read-back
  • CSRF protection on every form via WordPress nonces
  • All ORDER BY clauses use a server-side whitelist to prevent SQL injection
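
The realpath() boundary check listed above, written out as an added example (not the plugin's own code); the function name, the zone directory and the sample requests are assumptions constructed for illustration. It compares the resolved path against the zone root with a trailing separator, so a sibling directory that merely shares the zone's name prefix is not accepted.

```php
<?php
declare(strict_types=1);

// Added illustration, not Folio Gatehouse code. Function name and paths are hypothetical.
function resolve_inside_base(string $baseDir, string $requested): ?string
{
    $base = realpath($baseDir); // canonical zone root
    if ($base === false || strpos($requested, "\0") !== false) {
        return null; // unknown zone root, or NUL byte in the request
    }
    // realpath() collapses "..", "." and symlinks; false means the target does not exist.
    $real = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($real === false || !is_file($real)) {
        return null;
    }
    // Compare against the root WITH a trailing separator. A bare prefix test
    // on ".../zone" would also match ".../zone-private/secret.txt".
    $prefix = rtrim($base, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
    return strncmp($real, $prefix, strlen($prefix)) === 0 ? $real : null;
}

// Constructed sample tree in the system temp directory.
$root = sys_get_temp_dir() . '/fgh-demo-' . bin2hex(random_bytes(4));
mkdir("$root/zone/docs", 0700, true);
mkdir("$root/zone-private", 0700, true);
file_put_contents("$root/zone/docs/report.pdf", 'inside');
file_put_contents("$root/zone-private/secret.txt", 'sibling');
file_put_contents("$root/outside.txt", 'outside');

// Constructed requests, relative to the zone root.
$requests = [
    'docs/report.pdf',            // plain file inside the zone
    'docs/../docs/report.pdf',    // ".." that stays inside the zone
    '../outside.txt',             // ".." that leaves the zone
    '../zone-private/secret.txt', // sibling directory sharing the name prefix
    'docs/missing.pdf',           // nonexistent target
];
foreach ($requests as $request) {
    $resolved = resolve_inside_base("$root/zone", $request);
    printf("%-28s %s\n", $request, $resolved === null ? 'DENY' : 'SERVE');
}

// Remove the sample tree.
array_map('unlink', ["$root/zone/docs/report.pdf", "$root/zone-private/secret.txt", "$root/outside.txt"]);
array_map('rmdir', ["$root/zone/docs", "$root/zone", "$root/zone-private", $root]);
```

Only the first two requests resolve inside the zone and are served; the other three are denied. Because the comparison runs on the resolved path, a symlink inside the zone that points outside it is rejected the same way.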

Requirements

  • Apache with mod_rewrite enabled, or NGINX (with manual server block configuration — see the NGINX Config tab)

Details

Plugin code: folio-gatehouse
Plugin version: 1.1.8
Author:
Outdated: No
WP version: 5.8 or higher
PHP version: 7.4 or higher
Test up to WP version: 7.0
Total installations: 0
Last updated: 2026-06-19
Rating:
Times rated: 0
Tags: access-control, download-protection, file-protection, membership, role-based-access