About Posts & Terms service
Quick Facts
- The service allows defining the most granular access to your content. Not only restricted/not restricted, but also manage visibility, redirects, protection with passwords, expiration, and more.
- Define access controls to an indefinite number of posts, pages, media items, and custom post types with a free AAM version.
- The service has little to no implications on your website performance and has proven many times to be impeccable on large-scale websites (with hundreds of thousands of posts).
- The premium add-on allows managing access by categories and tags or defining the default access to all posts, pages, media items, custom post types, or taxonomies.
- You can define access controls for any registered post type on the site and with the premium add-on for any registered taxonomy.
The "Posts & Terms" service has all the necessary tools to define the most granular access to any WordPress website content. We carefully selected and engineered every single bit of the service based on thousands of interactions with our large user base. We are confident that if you understand the AAM fundamental concept of the access controls inheritance, there is no limit to what you can do.
When you navigate to the "Posts & Terms" tab, the initial view displays a table listing all manageable post types. You can switch between lists of post types and taxonomies using the drop-down in area #2.
Area #1 is a breadcrumb that visually indicates the current contents of the table. Try switching between "Post Types" and "Taxonomies" or drilling down into any items in the list; you'll see the breadcrumb adjust accordingly. All items in the breadcrumb are clickable, allowing for quick navigation back to previous levels.
Area #3 contains the list of all manageable items such as post types, taxonomies, posts, terms, and more.
When viewing the list of post types and taxonomies, the "Actions" column includes two icons:
- "Drill-Down" (green arrow) allows you to drill down to the actual list of posts for a selected post type or the list of terms for a selected taxonomy.
- "Manage Access" (blue cog) opens an access controls form to define default access for all posts in a selected post type or all terms in a selected taxonomy.
When viewing the list of posts or terms, the "Actions" column includes these icons:
- "Edit" (yellow pencil) leads to the edit screen where you can modify the selected post or term.
- "Manage Access" (blue cog) allows you to define granular access controls for the selected post or term.
The free AAM plugin allows you to define access for individual posts of any post type. With the premium add-on, you can also manage access to terms of any taxonomy or set default access controls for an entire post type. With a well-planned access strategy, there are virtually no limits to what you can achieve with this service.
FYI!
To learn more about WordPress content and how access controls inheritance work, refer to the Understanding WordPress Content Hierarchy article.
When you select the "Manage Access" button, the "Access Controls" form loads with various options depending on what you are managing access to. For instance, if you're defining access for an entire post type, the option "CREATE NEW" will be listed, allowing you to restrict the creation of new posts within that post type. However, if you're managing access for an individual term, the list of options will differ.
We unpack all available options with brief descriptions below.
Post Access Controls
The unique characteristic of AAM is that it allows defining the most granular access to the content. It is not just allowed or denied. It is close to 20 different ways to specify how content should be limited and what is the user's experience.
HIDDEN
Hide a post on the frontend, backend, and RESTful API levels. AAM filters out the selected post from all menus or lists. However, the post can be accessed with a direct URL.
HIDDEN TO OTHERS
Similarly to "HIDDEN" option, manage a post visibility to a user with the same role as the post author. However, if the settings are applied to everybody (available only with the premium Complete Package), then it truly allows showing the post only for the author.
RESTRICTED
Manage the ability to read or directly access a post. However, note that this does not hide the post link in the search results, list of posts, menu, etc. To hide the post, use the "HIDDEN" option as well.
RESTRICTED TO OTHERS
Similarly to the "RESTRICTED" option, managing the ability to read or directly access a post by a user with the same role as the post author. However, if the settings are applied to everybody (available only with the premium Complete Package), then it truly allows accessing the post only for the author.
TEASER MESSAGE
Limit access to read a post by showing a custom teaser message. It is helpful to use this option when there is a need to prompt a user to do some action like log in or renew a subscription plan.
FYI!
The teaser message can be plain text or rich HTML with embedded shortcodes. AAM also supports a custom [excerpt] shortcode that injects a post's excerpt if available.
<div class="text-center">
<img src="https://mydomain.com/imgs/access-key.svg" width="64" />
<h2>Access Denied</h2>
<p class="text-muted">Please contact our system administrator for more information</p>
</div>
LIMITED
Define how many times a post can be opened for reading or download. This option is available only for authenticated users as there is no secure way to track visitors’ activity.
Some plugins track visitors’ activity with cookies, browser local or session storages, or even through IP. All these methods have limitations and cannot be used to reliably identify visitors. That is why the LIMITED option is not available for visitors.
After the user reaches the defined threshold, access to a post is denied.
LEAVE COMMENTS
Manage the ability to leave comments. It is very similar to how you manage commenting for any selected post.
The fundamental difference is that with AAM, you can disable commenting on a group of posts or even set the default access to all with the premium Complete Package
REDIRECT
Define a custom redirect when a user tries to access a post.
This feature allows redirecting a user to an existing page, a valid and safe URL, or triggering a custom callback function (if you need to take complete control over the redirect).
FYI!
AAM performs a safe redirect with the WordPress core function wp_safe_redirect, which checks if the URL is for the allowed host.
PASSWORD PROTECTED
Password protected a post.
Note!
Most well-designed themes support password-protected posts. However, we've seen themes that do not have this functionality coded. If you have challenges configuring this feature, confirm with the theme developer that password-protected functionality is available prior to contact us.
ACCESS EXPIRED
Define when access to a post expires. After the specified date and time, access to the post is denied. The user is redirected based on the Access Denied Redirect rule.
CREATE NEW
Manage the ability to create new posts in any selected post type.
EDIT
Manage the ability to edit a post. If denied, the user will not be able to make changes to the post through the backend or RESTful API.
EDIT BY OTHERS
Similarly to the "EDIT" option, managing the ability to edit a post by a user with the same role as the post author. This option is available with the premium Complete Package) only.
DELETE
Manage the ability to delete a post. If denied, the user will not be able to trash or delete the post through the backend or RESTful API.
DELETE BY OTHERS
Similarly to the "DELETE" option, managing the ability to trash or delete a post by a user with the same role as the post author. This option is available with the premium Complete Package) only.
PUBLISH
Manage the ability to publish a draft post.
PUBLISH BY OTHERS
Similarly to the "PUBLISH" option, managing the ability to publish a draft post by a user with the same role as the post author. This option is available with the premium Complete Package) only.
REFERENCE CHECK
Manage access to a post based on a user's reference attributes like IP address, geographical location, referred domain, or URL query parameters.
This option is available only with the Complete Package add-on, and you can learn more about the way it works here.
Term Access Controls
AAM allows managing access controls to any individual term with the premium Complete Package add-on. It supports several most common options as listed below.
RESTRICTED
Manage the ability to browse a term directly. In other words - see the list of posts that belong to the term. For example, you can use terms to organize content on the frontend where a user can navigate to a link like /category/science and see all pages tagged with the "Science" category. The "RESTRICTED" option denies access to these types of links.
HIDDEN
Manage term’s visibility. In other words - hide the term however, allow direct access with URL. You can manage the term's visibility separately for the backend, frontend, and RESTful API levels.
EDIT
Manage the ability to edit a term.
DELETE
Manage the ability to delete a term.
ASSIGN
Manage the ability to assign a term to posts. It is a helpful constraint if you do not want your users to assign posts to any specific categories.
Virtual Assistant