File Protect

File Protect

4.72 (25 ratings) 4.72 stars
Cart 256 sales


Sometimes it is necessary to restrict the access to a file, to a complete folder, to a admin area or to specific file extensions like movie files. Of cause you can use a .htaccess file or create every time again a small login page but .htaccess is not very flexible and user friendly and programming everytime a new login page is very time consuming. Instead you can use “FileProtect”. It is that simple to implement: change the settings in the login.php to your need, copy 4 lines of code and upload the files. Try it – you won’t never use another way of protecting your files.


The installation of “FileProtect” is very simple. Only 5 steps are necessary:

  1. Change the ‘Settings’ of the login.php to your need (FileProtect will run without any changes but all settings are also well documented)
  2. Replace the fileprotect_logo.png with your desired logo
  3. Copy the ‘4 magic lines of code’ from the login.php at the beginning of the file that should be protected (in most cases index.php)
  4. upload all files to the desired folder
  5. test it

The 4 magic lines of code are: (add this php code to all .php files that should be protected)

include "fileprotect/fileprotect_class.php";
$fp = new FileProtect;


  • “FileProtect” is simple and flexible
    – it integrates perfectly at every time of your project. Existing files or struktures never have to be renamed or changed.
    – only 4 lines of code to protect a file
    – runs out of the box without any changes
  • no database required – but ready to work with an sql database
  • Username or Password could be defined in the settings or could be read from any sql database
  • ready to deal with md5 encrypted password
  • individual help text at the login page possible
  • Automatic .htaccess creation to redirect from non-existing files and subfolders back to the login screen
  • Possibility to protect specific file extensions from direct access
  • German and English Translations available. Easy to extend with other languages due to standardized language files.
  • resistant against BruteForce attacks
  • check out the demo at


Version 1.3: Prevent error message if there is no login attempt. (Dezember 19th, 2019)
Version 1.2: I added a new function to define the target file for redirecting after a successful login. Also there is no error message until the login form is not submitted.
Version 1.1: I updated the documentation and included the possibility to protect specific file extension in the protected folder (and subfolders).

Please help me

If you are going to rate the script less than 5 stars, please tell me what I can do to make it 5 stars for you and I will fix it. I would love to hear your suggestions on how I could improve the script, leave me a comment or send me an email and your suggestion might make it in to a future version!