PHPMembers membership software is able to protect an entire web folder from being accessed by unauthorized visitors. To setup a protected web folder, click on Protect on the main menu, and then click on Protect Folder button.

You can manually input the folder path you would like to protect, or use File Picker to select it. The path must be the absolute path of the folder without a slash at the end.

You can select one or multiple groups which their members are allowed to access the folder. To select multiple groups, hold CTRL key on your keyboard and left click on the groups you would like to select. If no groups are selected, no visitors or members are allowed to access the web folder.

Public visitors or members who are not in the selected groups are taken to the redirect URL. You can use variable $1 in the redirect URL. The variable $1 stands for the file name which the visitor is trying to access.

The admin folder is an example of web folder protection. When you install the system, the installation wizard creates a web folder protection for the admin folder. The protection settings only allow members of the admin group to access files in the folder. Unauthorized visitors are taken to the login page, with a parameter called “URL” which is the link they are going to be redirected to after their successful login to the system as members of the admin group.

The URL parameter contains variable $1 which is the file name the visitor is trying to access. By default, the protection settings redirect unauthorized users to /login.php?url=/admin/$1. If a user try to access /admin/manage_users.php before he logs in as an administrator, he will be taken to /login.php?url=/admin/manage_users.php. Variable $1 is replaced by the file name 'manage_users.php' in this case.