Groups File Access

File downloads for authorized users

Groups File Access is a WordPress plugin that allows to provide file download links for authorized users. Access to files is restricted to users by their group membership.

  • Provide file downloads for Premium Members.
  • Allow registered users to download files from your site.


  • Restrict access to downloads to authorized user groups
  • Full multisite support (WordPress network installations)
  • File management area
  • Upload files via FTP and bulk import
  • File access notifications (customizable)
  • Flexible shortcodes: [groups_can_access_file], [groups_can_not_access_file], [groups_file_info], [groups_file_url], [groups_file_link], [groups_file_visibility], [groups_file_access_service_key]
  • Limited or unlimited number of downloads per user
  • Key authentication file access

Access to files is restricted by group membership. To be able to download a file, a user must be a member of a group that is assigned to the file. If an access limit has been set for the file, the user must also have accessed (downloaded) the file fewer times than the file’s access limit.

If you want to restrict access to a file to users that belong to a certain group, create the group, add the desired users to the group and assign the group to the files that the group should be able to access. More than one group can be assigned to a file.

Shortcodes are used on posts or pages to render links to files, provide information about files and conditionally show content to users depending on whether they are allowed to access a file.

For example, the [groups_file_link group="Premium"] shortcode renders links to files that members of the Premium group can click to download the files.


See the Groups File Access product page.

The GFA PDF Viewer is a free integration with PDF Viewer.


See the Group File Access documentation pages.


Please visit the Demo site.

756 Responses to Groups File Access

  1. Julian October 15, 2020 at 2:35 pm #

    Where can I find old versions please?

    We have this plugin on our site, however a developer who no longer works with us customised it for some specific requirements. He didn’t use git very well, so we are faced with a problem with upgrading the plugin – we can’t cleanly see what is custom and will need to be repeated.

    If I could get hold of clean versions from 1.6.3 onwards I could build up a change history in git and diff against his mods – this would then allow us to keep upgrading and re-apply our changes each time.

    I logged in to Envato but that only has the latest version.

    Any suggestions please?

    • Kento October 17, 2020 at 12:27 pm #

      Hi Julian,

      Thanks for using our tools! We do not provide old versions and I would suggest to avoid any modifications to the extension itself and rather do any customizations outside of it where possible. But if you need to figure out where your previous developer has made changes, you could start by doing a $ diff -r -q your-version-folder current-version-folder to see which files have been modified and then dig into them deeper. Again, hacking the extension itself and maintaining it in that way is not something I can recommend, it would at least require a very disciplined approach to be able to maintain it, which your previous developer obviously didn’t apply. Try to put any customizations outside of the extension and use existing filter and action hooks instead. If you discover that you need any additional action or filter hooks, feel free to suggest them and we’d be happy to take your suggestions into account.


  2. Rodd August 17, 2020 at 9:37 pm #

    I have what I am considering a bug. I installed groups and it works pretty well for managing parents.

    I paid for File Access and discovered that it doesn’t support parents.

    Can you either fix it, or add an option or a checkbox that allows the system to recognize parents.

    Group A
    – Sub-Group 11
    – Sub-Group 12
    Group B
    – Sub-Group 21
    – Sub-Group 22

    If I assign Group A to a file, I would expect Sub-Groups 11 and 12 to automatically gain access.

    • Kento September 21, 2020 at 11:45 am #

      Hi Rodd,

      Thanks for your feedback on this. I think that it would be interesting to have the option but not necessarily make it as the default.


  3. Tim H August 13, 2020 at 3:16 pm #

    When a visitor tried to download a file that is protected by Groups (Files add-on) they get a page that says “Forbidden. You don’t have permission to access this resource on this server.”

    Is there a way to change this message to something less frightening to users, or preferably redirect the user to another page explaining what went wrong.

    • Kento August 14, 2020 at 1:59 pm #

      Hi Tim,

      You could customize the error responses that your server issues and set up redirects, see Custom Error Responses from the Apache documentation for example.


      • Timothy Houghton August 17, 2020 at 8:54 am #

        Hi Kento,

        Thanks for the reply but unfortunately it doesn’t appear to do anything.

        I’ve put:
        ErrorDocument 403 ‘Test message.’
        into the root htaccess file, but the message from Groups File add-on doesn’t change.

        • Timothy Houghton August 17, 2020 at 8:56 am #

          The above quotes were formatted by the comment system. I’ve tried :

          ErrorDocument 403 “Sorry, our script crashed. Oh dear”
          ErrorDocument 403 “Test message.”
          ErrorDocument 403 /403.php

          None of them do anything. If I try and access a Group Files add-on file, I still get the same “Forbidden, You don’t have permission to access this resource on this server.” message.

        • Kento September 21, 2020 at 1:58 pm #

          Hi Timothy,

          For questions related to configuring Apache I would recommend to ask for help on more specific sites such as for example, as we can’t really go into everybody’s configuration.


      • Timothy Houghton August 17, 2020 at 9:51 am #

        By the way, the error message I’m getting now (from Groups / Files add-on) is this: “You don’t have permission to access this resource on this server”. When I google this exact phrase the only results are from Groups plugin. Are you sure this isn’t already a custom error document? I don’t seem to be able to override it with Apache ErrorDocument directives.

        • Kento September 21, 2020 at 2:03 pm #

          Hi Timothy,

          This message is not produced by Groups File Access nor Groups, but by the Apache server. If you changed your configuration, remember that you should restart Apache so it reflects the changes – edit : looks like I got confused here for a moment, let me revise it and follow up.


      • Timothy Houghton August 17, 2020 at 9:56 am #

        … I’ve found this in class-groups-file-access.php:

        if ( $code !== null ) {
        switch ( $code ) {
        case 403 :
        $title = ‘403 Forbidden’;
        $heading = ‘Forbidden’;
        $message = ‘You don\’t have permission to access this resource on this server.’;
        case 404 :
        $title = ‘404 Not Found’;
        $heading = ‘Not Found’;
        $message = ‘The requested URL was not found on this server.’;

        • Kento September 21, 2020 at 2:12 pm #

          Ok thanks for pointing me to those, I was convinced that the plugin didn’t produce them and was obviously wrong! I think we can simply add a couple of filters so one can customize the output. We’ll prepare an update to include them, thanks for your patience and for digging into it!

  4. Pat August 2, 2020 at 6:22 pm #

    Are the member-protected files (such as PDFs) handled as WordPress posts? We are evaluating this plugin for a project that will restrict a large number of PDFs to various groups, and the PDFs need to be included in the site’s search results. I usually use the premium version of the Relevanssi search plugin for this, but it will only index WordPress posts (including the “attachment” post type).

    Per Relevanssi’s website, “Since Relevanssi is a WordPress search, Relevanssi operates on WordPress posts (including all the different post types). So, in order to have Relevanssi index your PDFs, they need to be WordPress posts. That’s fortunately really simple: just upload your PDF files to the Media library, and they become posts with the post type of attachment.”

    We have purchased and installed the Groups File Access plugin for testing, and I’m noticing (using default WordPress search) that terms in the PDF title and descriptions are not appearing in search results. Is there a method for including the protected files in the WordPress search results?

    • Kento August 5, 2020 at 2:01 pm #

      Hi Pat,

      Thanks for using the extension!

      > Are the member-protected files (such as PDFs) handled as WordPress posts?
      No, they are held protected as the original files.

      > “… just upload your PDF files to the Media library, and they become posts with the post type of attachment.”
      When you upload a PDF to the media library, a post of type attachment is created which hold a link to the PDF, but that doesn’t imply that the whole PDF “becomes” an attachment post which would reflect the full content of the PDF. It will usually hold its title and link to the uploaded PDF. Whether the search plugin will handle the contents of the attachment and consider them for searches or not I don’t know. Keep in mind that even if you protect an attachment page with the Groups plugin itself (not Groups File Access), the actual attachment is still unprotected and anyone who knows the URL to the attachment can easily access it directly. Groups File Access contains the files separately (out of the Media Library) and controls access to the files to be able to protect them. See the File Access section in the documentation for details on that.

      > “…that terms in the PDF title and descriptions are not appearing in search results…”
      That’s correct. They are not included because they are not visible to the search unless you make their titles visible by included references or use the extension’s shortcodes to point to them in a post for example. Please have a look at the Shortcodes and Examples sections in the documentation.


  5. Luis Aragao June 19, 2020 at 4:19 pm #

    I am looking for a plugin that allow tracking of downloads from memberships. I need not only to know how many downloads for each file but also which downloads were made by each member. Is this possible with your plugin?

    • Kento June 30, 2020 at 11:33 pm #

      Hi Luis,

      Thanks for asking! At the moment, the extension does not provide details on downloads per user.


  6. Angga December 4, 2019 at 9:29 am #

    first I bought this plugin for the URL But why isn’t it working now? Please help me.

    • Kento December 4, 2019 at 10:33 am #

      Hi Angga,

      What exactly doesn’t seem to be working on your site?


      • Angga December 9, 2019 at 7:40 am #

        I can’t upload files and on the bottom of admin page it says “Copyright itthinx – This plugin is provided subject to the license granted. Unauthorized use and distribution is prohibited.”

        • Kento December 10, 2019 at 1:24 pm #

          Sure, simply follow the instructions as documented in the Files section of the documentation.

  7. Foxglove November 17, 2019 at 8:10 pm #

    I am unable to open any documents listed in Groups File access. The wp-content/uploads/groups-file-access folder has an empty index.html and a .htaccess file with “deny from all”. All the files are in the same group, and multiple users who belong to that group, including the admin, cannot access any of the files. The message from Chrom (Win 10) is “No webpage was found for the web address:“. Firefox just gives a blank page.

    Running Groups Version 2.8.0, Groups File Access Version 1.6.4

    This same question was asked on 11/13, 4 days ago, on I can’t figure out how to get an account so I can add to that thread.

    • Kento November 19, 2019 at 1:14 pm #


      I would recommend to review if your server tries to apply any rewrite rules or redirects such requests instead of letting them through so the system can handle them. You might also have a conflicting plugin which removes parameters or interferes with the requests. Another issue could be related to caching, especially if you have caching enabled for users who are logged in – that should be disabled for file requests via the gfid URL parameter.

      Also take into account that for nginx, the system requires a rule which is documented here:


      • Foxglove November 26, 2019 at 10:27 pm #

        Turns out the host migrated us to a different server. As a result, all the URLs in Groups Files have the old URL /home1/oranjccr/public_html/…… They need to be /home3/oranjccr/public_html/……

        We have 71 files. Is there any way to make this change without redoing everything?

        • Kento December 2, 2019 at 7:28 am #


          Yes, this can be done in two ways:

          1) Using a direct update query run on the database (as indicated in the lower section of this documentation page Moving to another Server – make sure to create a backup of your site and database before you run the query).


          2) Scan and import files as described in the File Import section.


    • Angga December 4, 2019 at 10:59 am #

      there is a message: :

      Copyright itthinx – This plugin is provided subject to the license granted. Unauthorized use and distribution is prohibited.

      what is the cause ?, I used to buy it

  8. Robert McKay November 14, 2019 at 8:54 pm #

    I have bought the newer version of Groups File Access but have the older version installed. However, the newer version fails to install. So how do I update the Groups File Access plugin?

    • Kento November 15, 2019 at 4:40 pm #

      Hi Robert,

      Simply deactivate and delete the old version. Make sure to do that from your WordPress dashboard under Plugins > Installed Plugins. Then use Plugins > Add New to upload the new version’s zip file and activate it. Detailed steps are on


Leave a Reply to Kento Click here to cancel reply.

We use cookies to optimize your experience on our site and assume you're OK with that if you stay.
OK, hide this message.

Affiliates · Contact · Jobs · Terms & Conditions · Privacy Policy · Documentation · Downloads · Useful Plugins · My Account