Description
Mikesoft TeamVault adds a private document workspace inside the WordPress admin for teams, agencies, partners, and back-office operations that need controlled access to shared files.
Instead of exposing documents through normal Media Library URLs, TeamVault keeps files in protected storage and delivers access through authenticated WordPress workflows.
TeamVault is a strong fit for:
- internal company document areas
- agency-to-client document sharing managed from WordPress admin
- partner or vendor file exchanges that should stay private
- operational archives that must stay separate from the public Media Library
What you can do with TeamVault:
- Upload files with drag and drop
- Organize documents in folders
- Rename, move, preview, download, and delete files from one interface
- Export a folder or the full library as ZIP
- Track uploads, downloads, moves, and deletions in the activity log
Why use TeamVault instead of the Media Library?
- It creates a dedicated private workspace for documents that should not mix with public website assets.
- It adds capability-based access control with an optional per-user whitelist.
- It keeps storage, maintenance, and export workflows focused on private documents instead of general media management.
Privacy and access control:
- Files are stored outside the normal Media Library workflow
- Access is controlled by the
manage_private_documentscapability, which allows full workspace actions including upload, download, export, rename, move, and delete - Settings, activity logs, whitelist management, and maintenance tools require administrator-level
manage_optionsaccess - Optional whitelist mode adds a second authorization layer for selected users
- Cleanup and reindex tools help recover from migrations with missing binaries
Key features:
- Private document storage separated from the Media Library workflow
- Capability-based access control with optional per-user whitelist mode
- Folder create, rename, move, and delete operations
- Drag-and-drop uploads with upload validation
- Inline preview for supported files, including PDFs
- ZIP export for folders or the full library
- Activity logging for uploads, downloads, moves, and deletions
- Maintenance tools for orphan cleanup and storage reindex
- Storage widget focused on the space used by TeamVault files
- English interface with optional Italian translation
Screenshots
TeamVault file manager with folder navigation, private file cards, upload/export controls, and the file details panel.
Installation
- Upload the
mikesoft-teamvaultfolder to/wp-content/plugins/, or install it from the WordPress plugin screen. - Activate the plugin.
- Open
TeamVault > Settings. - Review the allowed file types and access settings.
- Create folders and start uploading private documents.
FAQ
-
Are the files really private?
-
TeamVault is designed to keep files private by storing them outside the normal Media Library workflow and restricting access through authenticated WordPress workflows. Protection still depends on the server environment and the storage rules generated by the plugin.
-
Is TeamVault a replacement for the Media Library?
-
No. TeamVault is designed for private operational documents that should stay separate from the public Media Library and normal website assets.
-
Who can access TeamVault by default?
-
New activations grant the
manage_private_documentscapability to Administrators only. You can enable whitelist mode to limit workspace access to selected users.Sites upgraded from older releases should review existing role capabilities and whitelist settings if Editors previously had TeamVault access.
-
Are file URLs public?
-
TeamVault is designed to avoid normal public Media Library URLs by routing access through authenticated WordPress workflows. The exact storage protection still depends on the server environment and the generated storage rules.
Apache/LiteSpeed can enforce the generated
.htaccess, IIS can enforceweb.config, and Nginx requires an equivalent deny rule for/wp-content/uploads/private-documents/. For high-sensitivity deployments, use a custom storage path outside the public webroot. -
Can non-admin users access TeamVault?
-
Yes, if they have the required capability and, when whitelist mode is enabled, they are explicitly allowed in the plugin settings.
-
Can I change the storage directory?
-
The plugin supports a custom writable storage path at code/configuration level, but the standard admin workflow is built around the default private storage location.
-
What happens if I migrate the database but not the private files?
-
The database records can remain visible even if the original binaries are missing. TeamVault includes cleanup and reindex maintenance tools for these recovery scenarios.
-
Does the plugin support PDF preview?
-
Yes. Inline PDF preview can be enabled or disabled in the settings.
-
What does the storage widget show?
-
The sidebar widget shows only the space used by TeamVault files. On many shared hosting platforms, PHP cannot reliably read the account quota shown by the hosting panel, so the plugin avoids showing misleading total or available values.
-
What happens on uninstall?
-
By default, TeamVault keeps its data for safety. You can enable full data removal before uninstall if you want the plugin to delete its files, folders, logs, and settings.
Reviews
Contributors & Developers
“Mikesoft TeamVault” is open source software. The following people have contributed to this plugin.
Contributors
Translate “Mikesoft TeamVault” into your language.
Interested in development?
Browse the code, check out the SVN repository, or subscribe to the development log by RSS.
Changelog
2.0.9
- Fixed file moves so local private-storage files remain available on disk after being moved between TeamVault folders.
- Added regression coverage for filesystem adapters that report a move without leaving the file in the destination.
2.0.8
- Security hardening for uninstall data removal so storage cleanup stays inside the TeamVault storage root and does not follow symlinks.
- Security hardening for upload validation so SVG remains blocked even if custom extension filters try to re-enable it.
- Documentation update confirming that WordPress.org listing translations are handled through translate.wordpress.org.
2.0.7
- Improved file browser refresh reliability in local and proxy-backed environments.
- Improved oversized upload feedback before the browser sends files that exceed effective PHP limits.
- Split REST permission callbacks into clearer read, write, and delete guards.
- Hardened ZIP export temporary file handling.
- Updated the in-plugin admin logo color to TeamVault blue.
2.0.5
- Fixed immediate visibility for newly uploaded files and newly created folders.
- Fixed persistent storage notice dismissal and JavaScript listener accumulation.
- Hardened download and preview streams before response headers are sent.
- Fixed user search autocomplete escaping and REST parameter sanitization.
2.0.3
- Hardened private storage boundary checks and symlink traversal protection.
- Added safer storage reindex validation and clearer administrator storage notices.
- Changed new activations so only Administrators receive TeamVault document access by default.
- Improved activity log IP handling by relying on the direct server address.
2.0.0
- Major security and reliability release with stricter administrator-only controls for settings, logs, maintenance, whitelist management, and uninstall data controls.
- Reduced user data exposure in user search responses.
- Improved large-file handling for uploads, downloads, previews, and ZIP exports.
- Added regression coverage for administrator-only controls and user search privacy.
For the full release history, see changelog.txt in the plugin package.