About Posts & Terms service
Quick Facts
- The service allows defining the most granular access to your content. Not only restricted/not restricted, but also manage visibility, redirects, protection with passwords, expiration, and more.
- Define access controls to an indefinite number of posts, pages, media items, and custom post types with a free AAM version.
- The service has little to no implications on your website performance and has proven many times to be impeccable on large-scale websites (with hundreds of thousands of posts).
- The premium Complete Package allows managing access by categories and tags or defining the default access to all posts, pages, media items, custom post types, or taxonomies.
- You can define access controls for any registered post type on the site and with the premium Complete Package for any registered taxonomy.
The "Posts & Terms" service has all the necessary tools to define the most granular access to any WordPress website content. We carefully selected and engineered every single bit of the service based on thousands of interactions with our large user base. We are confident that if you understand the AAM fundamental concept of the access controls inheritance, there is no limit to what you can do.
The free AAM plugin allows defining access to individual posts or any post type. With the premium Complete Package you can also manage access to terms of any taxonomy or even set the default access controls to the entire post type. With a carefully thought-through access strategy, you have no limits to what you can do with this service.
When you navigate to the "Posts & Terms" tab, the initial table lists all the registered post types and taxonomies. We call it the Root level, and with the Complete Package, you can define default access settings for all the posts or terms that belong to selected post type or taxonomy.
FYI!
To learn more about WordPress content and how access controls inheritance work, refer to the How is WordPress content organized? Q&A.
When you drill-down to any post type or taxonomy, you should see the list of all posts and terms associated with selected entity. Further we list all access controls you can setup for posts and terms.
Post Access Controls
The unique characteristic of AAM is that it allows defining the most granular access to the content. It is not just allowed or denied. It is close to 20 different ways to specify how content should be limited and what is the user's experience.
HIDDEN
Hide a post on the frontend, backend, and RESTful API levels. AAM filters out the selected post from all menus or lists. However, the post can be accessed with a direct URL.
HIDDEN TO OTHERS
Similarly to HIDDEN option, manage a post visibility to a user with the same role as the post author. However, if the settings are applied to everybody (available only with the premium Complete Package), then it truly allows showing the post only for the author.
RESTRICTED
Manage the ability to read or directly access a post. However, note that this does not hide the post link in the search results, list of posts, menu, etc. To hide the post, use the HIDDEN option as well.
RESTRICTED TO OTHERS
Similarly to the RESTRICTED option, managing the ability to read or directly access a post by a user with the same role as the post author. However, if the settings are applied to everybody (available only with the premium Complete Package), then it truly allows accessing the post only for the author.
TEASER MESSAGE
Limit access to read a post by showing a custom teaser message. It is helpful to use this option when there is a need to prompt a user to do some action like log in or renew a subscription plan.
FYI!
The teaser message can be plain text or rich HTML with embedded shortcodes. AAM also supports a custom [excerpt]
shortcode that injects a post's excerpt if available.
<div class="text-center">
<img src="https://mydomain.com/imgs/access-key.svg" width="64" />
<h2>Access Denied</h2>
<p class="text-muted">Please contact our system administrator for more information</p>
</div>
LIMITED
Define how many times a post can be opened for reading or download. This option is available only for authenticated users as there is no secure way to track visitors’ activity.
Some plugins track visitors’ activity with cookies, browser local or session storages, or even through IP. All these methods have limitations and cannot be used to reliably identify visitors. That is why the LIMITED option is not available for visitors.
After the user reaches the defined threshold, access to a post is denied.
LEAVE COMMENTS
Manage the ability to leave comments. It is very similar to how you manage commenting for any selected post.
The fundamental difference is that with AAM, you can disable commenting on a group of posts or even set the default access to all with the premium Complete Package
REDIRECT
Define a custom redirect when a user tries to access a post.
This feature allows redirecting a user to an existing page, a valid and safe URL, or triggering a custom callback function (if you need to take complete control over the redirect).
FYI!
AAM performs a safe redirect with the WordPress core function wp_safe_redirect, which checks if the URL is for the allowed host.
PASSWORD PROTECTED
Password protected a post.
Note!
Most well-designed themes support password-protected posts. However, we've seen themes that do not have this functionality coded. If you have challenges configuring this feature, confirm with the theme developer that password-protected functionality is available prior to contact us.
ACCESS EXPIRED
Define when access to a post expires. After the specified date and time, access to the post is denied. The user is redirected based on the Access Denied Redirect rule.
EDIT
Manage the ability to edit a post. If denied, the user will not be able to make changes to the post through the backend or RESTful API.
EDIT BY OTHERS
Similarly to the EDIT option, managing the ability to edit a post by a user with the same role as the post author. This option is available with the premium Complete Package) only.
DELETE
Manage the ability to delete a post. If denied, the user will not be able to trash or delete the post through the backend or RESTful API.
DELETE BY OTHERS
Similarly to the DELETE option, managing the ability to trash or delete a post by a user with the same role as the post author. This option is available with the premium Complete Package) only.
PUBLISH
Manage the ability to publish a draft post.
PUBLISH BY OTHERS
Similarly to the PUBLISH option, managing the ability to publish a draft post by a user with the same role as the post author. This option is available with the premium Complete Package) only.
REFERENCE CHECK
Manage access to a post based on a user's reference attributes like IP address, geographical location, referred domain, or URL query parameters.
This option is available only with the Complete Package add-on, and you can learn more about the way it works here.
Term Access Controls
AAM allows managing access controls to any individual term with the premium Complete Package add-on. It supports several most common options as listed below.
RESTRICTED
Manage the ability to browse a term directly. In other words - see the list of posts that belong to the term. For example, you can use terms to organize content on the frontend where a user can navigate to a link like /category/science
and see all pages tagged with the "Science" category. The "RESTRICTED" option denies access to these types of links.
HIDDEN
Manage term’s visibility. In other words - hide the term however, allow direct access with URL. You can manage the term's visibility separately for the backend, frontend, and RESTful API levels.
EDIT
Manage the ability to edit a term.
DELETE
Manage the ability to delete a term.
ASSIGN
Manage the ability to assign a term to posts. It is a helpful constraint if you do not want your users to assign posts to any specific categories.