Restricting Backend Users to Access Download Monitor Files: A Guide for WordPress Administrators

Download Monitor is an incredibly versatile plugin for managing and tracking digital file downloads on WordPress websites. 

Download Monitor offers a wealth of features, from accurately tracking and tallying downloads to creating download access restrictions and advanced analytics for reporting, to name but a few. 

Recently we were asked a question by one of our users:

“As a WordPress admin, how can I restrict backend files accessed by user roles and specific users?”

Not one to shy away from a challenge, the team stepped up and solved their question. It presented an interesting case. As a result, we thought we’d share our solution in case you ever face it as a WordPress administrator. 

Onward, let’s start with the why?

Why limit access to digital downloads?

There could be various reasons you need to restrict access to backend files; it could be sensitive information or confidential documents only meant for specific individuals, not the whole company or the general public.

It might be a case of your website being private or password protected; while both methods can add a layer of protection, backend users could still have access to downloads. 

Restricting access to backend files and only allowing authorized users with the proper access level can save you from a security nightmare. No leaked documents and no headaches for you as the website administrator!

Let’s use a scenario as an example:

  • Our downloads contain information not meant for the general public; documents like internal meetings are only viewable by shareholders, etc.

There’s nothing wrong with that; it’s easy to set this up using Download Monitor. But let’s throw a spanner in the works. 🔧

  • The shareholders/management have asked you to grant access to the website for an SEO company. Now, this could be more than one user; it could be a team of people!

Now, here’s the dilemma, if you grant access to the website, this SEO company could view all your internal meeting files or other sensitive documentation.

Not ideal; we’re sure you can agree. 

As a WordPress administrator, you’ll undoubtedly have had some weird and wonderful requests, but this one? This scenario? 

Well, it’s solvable, all thanks to Download Monitor.

Breaking out the toolkit 🛠️

💡 To solve the problem, we need Download Monitor (goes without saying!) and the extension Advanced Access Manager installed and activated.

Download Monitor Lite will provide us with the tools to create, edit, and administer downloads on the WordPress website. 

The Advanced Access Manager will allow us to introduce rules to implement restrictions based on specific users and user roles.

How to restrict backend users from accessing Downloadable files

We’ll take you through the steps required to restrict backend access to downloads, but first, let’s look at setting up Download Monitor.

Download Monitor

Grow your audience, track download performance, and convert your traffic into email subscribers with an easy-to-use digital downloads solution for WordPress.

Setting up Download Monitor

Log into the WordPress dashboard and access the Plugins area from the left panel.

Click on the Add New option to enter the plugin repository. Use the search bar to search for Download Monitor

Click the Install Now button, then activate the plugin by clicking the Activate button.

New “Downloads” addition to the WordPress admin sidebar

Once the plugin is installed and activated, you’ll see a new Download option that will pop up in the WordPress dashboard.

Next, we’ll look at getting the Advanced Access Manager extension up and running. 

Setting up the Advanced Access Manager extension

Once Download Monitor is installed and activated, we’ll need the Advanced Access Manager extension in the complete plan

To install and activate Advanced Access Manager extension, here’s how to do it: 

  • Visit the pricing page of Download Monitor and click on the Pricing button on the website’s top menu bar.
  • Select the Complete Plan option from the list of available plans.
  • Click Buy Now and follow the on-screen instructions to complete the process.
  • Once purchased, you’ll receive an email with a license key for all the extensions.
  • Download the Advanced Access Manager from the list of extensions directly from the email.
  • To add the extension, click the Add New button in the plugins tab on the WordPress dashboard and select Upload Plugin
  • Attach the zip file and click on Install now.
  • Lastly, activate the extension by clicking on extensions under downloads. Under the Installed Plugins list, enter the license key and email and click activate. Make sure to enter the correct details!
Advanced Access Manager Installed, Now for Activation!

Now that we have both plugins in place. Let’s look at how to restrict downloads. 

Creating user-level restrictions on downloads

In the next step, we will explore how you, as the WP admin, can restrict access to a download for users based on user role and username. This method can apply to existing files as well as new ones. 

Let’s say you’d like to restrict access by default user role. WordPress offers five default user roles: Subscriber, Contributor, Author, Editor, and Administrator (you!).

If you’d like to restrict by a default user role, see below: 

  • From the WordPress admin dashboard, hover your mouse over Downloads and select Add new from the sub-menu.
  • Fill in the fields to publish the download, including the download title and description, and upload your downloadable files.
  • You’ll find the Advanced Access Manager settings meta box in the same window displayed when the extension is active.
  • To provide access or restrict default user roles for the download, create a new rule by clicking “Add rule.”
  • A new row is created with some field requirements to fill. 
  • Under the GROUP field, you can choose an entire user role or a specific user based on username.

For example: if you only want the user role of Editor to have access to the download file, then the GROUP field will be filled with Role, GROUP VALUE with Editor, and CAN DOWNLOAD with Yes.

Also, a separate rule needs to be added to bar access to the download for all other users by setting the GROUP field to Anyone and the CAN DOWNLOAD field to No.

User Role Based Restriction

You can also place certain restrictions based on a download amount or date period by choosing the restriction type from the drop-down under the RESTRICTION column and adding a value under RESTRICTION VALUE.

Creating a user-specific restriction

For restricting a specific user is similar, except that under the GROUP field, “User” will be selected from the drop-down, and GROUP VALUE will be filled with the username of the specific user.

Only one user role or user can be assigned with a single rule; if more users based on user roles or usernames are to be restricted, new rules must be created.

User Based Restriction

The ability to establish rules that apply to all downloads can happen by utilizing the Global Rules feature, which is incredibly useful if you’d like to use similar access restrictions across multiple downloads—saving you time!

Let’s say; you only want users with the role of “Author” to have access to downloads; you can easily create rules under the Global Rules setting, eliminating the need to create individual rules for each download.

Example of Global Rules

It is essential to note that Download-Specific rules take precedence over Global Rules. If a user type is restricted by a Global Rule but granted access by a Download-Specific rule, the latter will take effect due to priority.

Creating a new user role with custom permissions

From our original scenario, the SEO company now would like access to make changes to text content, so we could create a new user role called SEO. 

However, we must put some restrictions to protect our sensitive downloads from prying eyes.

As you may have guessed by now, there’s a plugin for that! The plugin is called Members, essentially a member and user role editor plugin. This plugin makes it easy to customize user roles, grant permissions, and restrict access to site content.

The user-friendly Members interface makes managing user rights a breeze, enabling you to easily control what users can see and do on your website.

Installing the Members plugin is as straightforward as installing Download Monitor, so follow the process, but search for Members!

Steps to add a new user role using the Members plugin

With Members installed, we’ll need to create a user role for the SEO company. Follow these steps to add a new user: 

  • Navigate to the Members tab and select Add new role
  • A new window will appear with an option to enter a name field and choose capabilities to assign to the new user role.
  • If you’d like to extend access to manage the Downloads folder by the new user role, head to Downloads. 
  • In the new tab, admin users can either grant or deny the download capability of the new user role based on selected preference. 
  • On clicking Grant, the users created under the new user role can manage the downloads on their dashboard. 
  • If Deny is selected, no Download tab will display in the backend.
Adding a new role with the Members plugin

More security for downloadable files

We’ve established that the SEO company needs to make content changes at the text level; they will not need access to media files, uploading or downloading them. 

The Members plugin has a setting that will prevent access; see below for the setting:

Members Role Permissions

Using this method means that the role of SEO will never be able to access the media folder or upload documents or files. 

By mixing and matching capabilities using the Members plugin in connection with Download Monitor/Advanced Access Manager, you can create a unique, secure, and foolproof way to prevent your files from being accessed. 

That’s peace of mind for you as a WordPress website administrator and stops the higher-ups from worrying about sensitive documents falling into the wrong hands. A win-win.


To summarize, let’s review the steps covered in this article.

  • Install and activate the Download Monitor plugin.
  • Install and activate the Advanced Access Manager extension.
  • Set download access rules on new and existing downloads.
  • Create new user roles with the Members plugin and assign download capabilities.  

So, you know how to restrict access to downloadable files; the best part is that it’s super simple. You don’t have to be a WordPress whizz to protect your digital files!

Thanks to the simplicity (actually, we’re doing it a disservice, a lot is going on under the hood!) of Download Monitor and Advanced Access Manager, you can restrict access by user or user role.

There’s a lot more to Download Monitor; the free version does an awful lot, but if you need to ramp up a gear, why not take a look at Download Monitor pro?

Download Monitor

Grow your audience, track download performance, and convert your traffic into email subscribers with an easy-to-use digital downloads solution for WordPress.

Avatar photo
Raiber Cristian

Self-taught entrepreneur with a deep passion for learning, understanding human nature, and what drives businesses forward. CEO of WPChill. Our products are being used by over 750,000 users, every day. Connect with me on Twitter.

Start Protecting your WordPress Downloads

Protect and track downloads on WordPress... What are you waiting for?