How to protect your library/file directory

When using Filr, your library files are stored in a directory. In this guide, we’ll explain what this is, how to set it up, and then how to protect it, all with Filr.

What is a directory?

In WordPress, a directory is essentially a folder in the database of your site where specific files are stored. Your WordPress files and directories are stored on your web hosting server.

Most people never need to access these when running their website. You still won’t when using Filr, but you will be creating a folder in Filr’s settings specifically for your library files – to keep them nice and secure.

How to create your file directory

Setting up your file directory is simple with Filr – you can do it right from the settings page:

  1. From your WordPress dashboard, go to Filr > Settings and click the Status tab at the top of the page. On this page, you’ll find all the settings you need to set up and protect your directory.
filr directory creation and protection
  1. To create yours, enter a name for your directory in the field next to Your downloads directory. We recommend keeping this simple. Something like ‘filr’ will do.

Now we’ve created your directory, let’s make it secure.

How to protect your Filr directory

To protect your Filr directory and, therefore, the files you upload to your library, take the following steps:

  1. Scroll down the page until you reach the Protection section. The text next to this will tell you if your directory is protected or not.
filr protection status
  1. If you’re setting up Filr, this will likely say your directory is not protected. In this case, we’ll need to select your Protection Mode.
    1. If you are using an apache server, you can choose .htaccess protection.
    2. If you are using another server type (like Nginx or windows) you should use index.php to successfully protect your files
    3. If you select No Protection, your files will be free to access.
filr encrypt download links
  1. Once this has been selected, you can move on to securing your download links and URLs:
    1. Secure download links hide the path to the file and replaces it with the post ID instead. Typically files in the WordPress media library show the full path to the file in your directory, which you might not want.
    2. Encrypt File-ID in URL will remove the post ID from the download URL and instead replace it with a string of random letters instead.
  2. Once you’re happy with all your changes, you can click the Check directory protection to make sure your directory can’t be accessed.
  3. Then scroll to the bottom of the page and click the purple Save Changes button.