Files Access Control

Nextcloud’s File Access Control app enables administrators to create and manage a set of rule groups. Each of the rule groups consists of one or more rules. If all rules of a group hold true, the group matches the request and access is being denied. The rules criteria range from IP address, to user groups, collaborative tags and some more.

Denied access

If access to a file has been denied for a user, the user can not:

  • Create/upload the file
  • Modify the files
  • Delete the file
  • Download the file
  • Syncronise the file with clients, such as the Nextcloud desktop and mobile clients


Sample rules to block on user group, time and IP base.

The first rule group Support only 9-5 denies any access to files for users of the Support user group, between 5pm and 9am.

The second rule group Internal testing prevents users of the Internal testers group to access files from outside of the local network.

Denying access to folders

The easiest way to block access to a folder, is to use a collaborative tag. As mentioned in the Available rules sec

Attached Files
There are no attachments for this article.