Community Support Forums

Hi there,

if you set URI restrictions for example:

URIs That Require Highest Level #4:
restricted

then wordpress posts URL are protected.eg this works ok: www.mysite.com/restricted/postname
but it does not work with existing filename - e.g
www.mysite.com/restricted/filename.mp3
is accessible for everyone regardless of word "restricted" being set in s2member options.
Is this a bug or correct behaviour?

Hi there. Thanks for the excellent question.

Yes, that is the intended behavior; because s2Member is a "plugin" for WordPress®. Therefore, it is ONLY applicable to content that you create inside WordPress®. In other words, files that exist outside of WordPress® will remain unaffected by your s2Member configuration, because s2Member is not being loaded up during the HTTP request in those cases.

All of that being said. There is a work-around. Here is a clip from the Changelog where a new feature was added to provide a way for site owners to use s2Member to protect files that are not even a part of WordPress®.

Since s2Member v3.1.5
New feature. It is now possible to protect files that are NOT even a part of WordPress®. You can accomplish this by placing any set of files or folders inside the `/plugins/s2member-files/` directory. Then, you can configure Inline Extensions under, `s2Member -> Download Options -> Inline Extensions`. Using this technique, you can now protect ANY file, using Download Keys and Inline Extensions. For full details, see: `s2Member -> Download Options`. Note, don't be fooled by the word "Download", this feature is much more powerful than it seems at first glance. If you get confused, please write in on the forums for assistance from the community.

Related thread: viewtopic.php?f=4&t=287&p=1263&hilit=protecting+files#p1242