This forum has moved to a new location and is in read-only mode. Please visit to access the new location.


Is there any way to restrict the access to or manage the visibility of specific folders in the media manager?

Scenario: I have 2 different users. As super user I create a dedicated folder in the root level of the media manager for both of them, e.g. "user folder 1" and "user folder 2". How can I prevent user 1 to see the contents of user 2? I am not thinking about folder access rights, a simple approach like hiding folder 1 from user 2 would already do the trick.

Thank you in advance!


Meanwhile I tried to overwrite the storage config in the plugin's boot function. The following is basically working:

Config::set('', 'user folder 1');

Now I need to determine the user automatically. Unfortunately I cannot access BackendAuth::getUser() at the right time. When using App::after the media manager is already initialized, when using App::before I don't have the user information.

Any suggestions?


There is no feature to do this per user, but you can restrict folders in the media manager configuration


Just another thought to this theme: Files in the /storage/app/media folder can be accessed directly by using the url in the browser - or from any other website.
To prevent this a .htaccess in /storage/app/media/ - or a subfolder of this path where access is to be restricted - with the following lines helps:

# Simple File List Access Restricter
RewriteEngine On

# 1) If NOT the current host
RewriteCond %{HTTP_HOST}@@%{HTTP_REFERER} !^([^@]*)@@http?://\1/.*
RewriteCond %{HTTP_HOST}@@%{HTTP_REFERER} !^([^@]*)@@https?://\1/.*

# 2) Deny access to these types (complete them as required)
RewriteRule \.(gif|jpg|jpeg|png|tif|pdf|wav|wmv|wma|avi|mov|mp4|m4v|mp3|zip?)$ - [F]

Best regards

Last updated

1-4 of 4

You cannot edit posts or make replies: the forum has moved to