Combining NextGen and DrainHole, a Non-Apache Solution

August 16th, 2012
Sadly, it has come to my attention that Drain Hole is no longer maintained and is not guaranteed to work with WordPress version above 2.9. There are also those claiming that it in fact doesn’t. I am looking for another solution that can give me similar functionality that the combination here did up to WordPress version 2.9. Suggestions are welcome…

However, for the use case here, i.e. only restricting access according to wordpress user status, it seems to work as intended. I have successfully used the setup described on this page with WordPress version 3.4.1, Drain Hole version 2.2.8 and NextGen version 1.9.5.

NextGen is a really well thought through WordPress plugin handling image galleries. It has one obvious drawback though; It does not allow me to limit the access to the images. Granted, you can limit the access to pages displaying the images using WordPress user settings, but not the images themselves. If you have their URLs, you can still access them. I find this to be a major drawback to an otherwise fantastic plugin. And its author has stated a number of times that he will not supply that ability. Bummer!

Drain Hole is another well thought through WordPress plugin that among other things allows you to limit access based on wordpress user status, which is exactly what I wanted to have. It does a lot more if you want it to. For instance, it can generate link lists to folders. It has SVN capabilities, an probably a lot more that I have yet to find.

So, there is one good image gallery handler and one good access limitation provider. Good, then we combine them. Just install them and we’re off. Probably that is the case if you are running Apache and have the module mod_rewrite activated (is that correct Apache language?). I have not been able to test that. However, if mod_rewrite is not around, then the .htaccess file provided/suggested by Drain Hole does not work. You need to provide another .htaccess file. This page explains one way to do that.


To combine the powers of the two plugins NextGen and Drain Hole, by letting each NextGen gallery folder also be a Drain Hole hole. This makes it possible to limit access to the galleries based on user levels on a per-gallery-basis.


This is what you initially do:

  1. Install NextGen. Make sure that you have a /wp-contents/gallery folder.
  2. Install Drain Hole.
  3. Place a .htaccess file with approximately the following contents in your /wp-contents/gallery folder. You need to edit the paths according to your wordpress environment.
    # BEGIN WordPress
    Redirect /wordpress/wp-content/gallery
    # END WordPress

    This file makes the requests go through Drain Hole. If you do not do this, then your images will still be publicly available. Notice that the second row may not be completely visible above. You still should be able to mark and copy it.

That’s all! Now you are ready to provide your galleries and make them Drain Hole holes.

Providing Galleries

It is a bit tedius to set up galleries using the intended combination of plugins. To create a new NextGen gallery in this setup, you have to do the following:

  1. Create the gallery using NextGens admin interface, which results in a folder in wp-contents/gallery.
  2. Populate it using NextGen.
  3. Make it a Drain Hole hole using the admin interface of Drain Hole. You do not need to care about Drain Holes suggestions about placing a .htaccess file in your Drain Hole folder. The .htaccess file that you provided above takes care of that.
  4. Have Drain Hole scan your directory. This is necessary even if you are planning to let anyone access the gallery.
  5. Set access permissions using Drain Holes admin interface. Default is that anyone can access the files.

After that, it should be perfectly possible to use your Nextgen gallery as intended. See NextGen documentation about that.

Updating Galleries

Drain Hole provides access only to its known files. Therefore, if you update your NextGen galleries, you need to have Drain Hole rescan them.


If you are completely sure that you will assign the same access rules to all your NextGen galleries, then you can simplify matters somewhat. In the preparations, add the following:

4.  Make your /wp-contents/gallery folder a Drain Hole hole using the admin interface of Drain Hole. Again, you do not need to care about Drain Holes suggestions about placing a .htaccess file in your Drain Hole folder.

Then when you provide galleries, you skip step 3 (make it a Drain Hole hole), but you still have to scan the directory of your one gallery hole according to step 4.

Comments are closed.