Major update. Deactivate and reactivate the plugin after upgrading \u2014 activation creates the Activity Log database table. All existing restriction settings are preserved.<\/p>","2.1.0":"
Media Restriction is a lightweight and powerful WordPress plugin that gives site admins full control over who can see what in the Media Library. Restrict access by user role so that users only see their own uploads, exclude trusted individuals from the restriction, and keep a full audit trail of every upload, deletion, and library view \u2014 all from a clean, modern settings panel.<\/p>\n\n
Whether you manage a multi-author blog, an online course platform, a membership site, or a client project \u2014 Media Restriction ensures your media library stays tidy, private, and secure.<\/p>\n\n
What makes v2.0.0 different:<\/strong>\nVersion 2.0.0 is a complete rebuild. The settings page has been redesigned with a tabbed interface and instant role toggles (no page reloads). A new Activity Log records every media event with user, file name, IP address, and timestamp. REST API protection closes the Gutenberg and headless bypass that most similar plugins miss entirely. And a critical bug affecting excluded users in the grid view has been resolved.<\/p>\n\n Core restriction<\/strong>\n\u2705 Restrict media library access by user role\n\u2705 Works in both grid view (media modal) and list view (Media Library screen)\n\u2705 Administrators always have full access \u2014 no configuration needed\n\u2705 Exclude specific users from restriction \u2014 grant bypass access to trusted individuals regardless of their role\n\u2705 REST API protection \u2014 \/wp\/v2\/media respects the same restriction rules, covering Gutenberg and headless setups<\/p>\n\n Settings & admin<\/strong>\n\u2705 Modern tabbed settings page \u2014 Roles & Users and Activity Log in one place\n\u2705 Instant role toggles \u2014 enable or disable restriction per role without a page reload\n\u2705 Live status badges on each role card showing user count and restriction state\n\u2705 Header summary showing how many roles are restricted and users excluded<\/p>\n\n Activity log<\/strong>\n\u2705 Tracks all upload, delete, and view events automatically\n\u2705 Records user, file name, IP address, and timestamp for every event\n\u2705 Displays the latest 30 entries in a clean admin table\n\u2705 One-click clear log with confirmation prompt<\/p>\n\n Compatibility & clean code<\/strong>\n\u2705 Works with default WordPress roles and any custom roles (LMS, membership, WooCommerce, etc.)\n\u2705 Compatible with Gutenberg block editor, classic editor, and headless setups\n\u2705 Restricted users can still upload and manage their own files \u2014 restriction is visibility only\n\u2705 No impact on existing media files \u2014 the plugin never modifies or deletes files\n\u2705 Clean uninstall \u2014 removes all plugin options and database tables on deletion<\/p>\n\n Online Learning Platforms (LMS):<\/strong>\nPrevent instructors from seeing or using each other's uploaded course files. Exclude trusted course managers so they retain full access.<\/p>\n\n Client Sites & Freelancers:<\/strong>\nLimit clients to only their own media uploads, keeping your own assets private and the library uncluttered.<\/p>\n\n Multi-Author Blogs:<\/strong>\nEnsure each contributor only sees their own images and uploads. Exclude editors who need to manage all media.<\/p>\n\n Membership or Community Sites:<\/strong>\nAllow members to upload profile or content images but restrict them from browsing admin or other members' uploads.<\/p>\n\n Agencies & Teams:<\/strong>\nGive designers and content editors restricted media access while allowing project leads or account managers full visibility.<\/p>\n\n\n Yes. You can restrict any user role on your site \u2014 including custom roles created by LMS, membership, WooCommerce, or user role editor plugins. Administrators are always exempt.<\/p><\/dd>\n Yes. The Exclude Specific Users field lets you grant full media access to individual users even if their role is restricted. Changes take effect immediately.<\/p><\/dd>\n Yes. Version 2.0.0 adds REST API protection, which covers the \/wp\/v2\/media endpoint used by Gutenberg and headless WordPress setups. Previous versions only restricted the admin UI.<\/p><\/dd>\n Yes. Media Restriction detects all registered roles automatically, including those added by third-party plugins.<\/p><\/dd>\n Yes. Restriction only affects visibility \u2014 users can still upload and manage their own files. They simply cannot see files uploaded by other users.<\/p><\/dd>\n No. The plugin only controls what is visible in the library. It never modifies, moves, or deletes any files.<\/p><\/dd>\n Every upload, deletion, and media library view is logged with the user's name, the file name or object, their IP address, and the date and time. Logs can be cleared by an administrator at any time.<\/p><\/dd>\n Media Restriction is designed to be lightweight and conflict-free. It hooks into standard WordPress filters and does not modify the database schema beyond its own activity log table.<\/p><\/dd>\n Yes. Uninstalling the plugin removes all saved options and drops the activity log database table completely.<\/p><\/dd>\n\n<\/dl>\n\n\n\ud83c\udf1f Features<\/h3>\n\n
\ud83e\udde0 Use Cases<\/h3>\n\n
\n
Does this plugin restrict media access for all user roles?<\/h3><\/dt>\n
Can I allow specific users to bypass the restriction?<\/h3><\/dt>\n
Does the restriction apply in the Gutenberg block editor?<\/h3><\/dt>\n
Does this plugin support custom user roles?<\/h3><\/dt>\n
Will restricted users still be able to upload media?<\/h3><\/dt>\n
Does it affect existing media files?<\/h3><\/dt>\n
What does the Activity Log track?<\/h3><\/dt>\n
Will it conflict with other plugins?<\/h3><\/dt>\n
Does it clean up after itself on uninstall?<\/h3><\/dt>\n
2.0.0<\/h4>\n\n
\n
1.0.3<\/h4>\n\n
\n
1.0.2<\/h4>\n\n
\n
1.0.1<\/h4>\n\n
\n
1.0.0<\/h4>\n\n
\n