Jump to main content Jump to doc navigation

What is an ACL (Access Control List)?

An ACL, or Access Control List, is a set of Permissions attached to an object. More information on ACLs can be found here in Wikipedia.


In MODX, ACLs can be applied to any modAccessibleObject. Primarily MODX Revolution 2.0 allows for ACLs on Resources and Contexts.

Context ACL

A Context ACL is referenced of 4 parts:

This means that one can assign a ACL to a Context that will apply to:

  • All the Users in a User Group
  • ...with at least the Minimum Role specified
  • ...that will give the Users all the Permissions in the Access Policy assigned.

Resource ACL

Resource ACLs behave a bit differently, and basically allow you to restrict access to Resources (such as Documents, Weblinks, etc) by Resource Groups. They are comprised of 5 Parts:

This means that an ACL applied to a Resource Group will:

  • Effect all the Users in the specified User Group
  • ... with at least the Minimum Role specified
  • ... give the Resource Permissions (save, load, delete, etc) in the Policy specified
  • ... to all the Resources in the Resource Group

See Also

  1. Users
  2. User Groups
  3. Resource Groups
  4. Roles
  5. Policies
    1. Permissions
      1. Permissions - Administrator Policy
      2. Permissions - Resource Policy
    2. ACLs
    3. PolicyTemplates
  6. Security Tutorials
    1. Giving a User Manager Access
    2. Making Member-Only Pages
    3. Creating a Second Super Admin User
    4. Restricting an Element from Users
    5. More on the Anonymous User Group
  7. Hardening MODX Revolution
  8. Troubleshooting Security
    1. Resetting a User Password Manually

Support the team building MODX with a monthly donation.

The budget raised through OpenCollective is transparent, including payouts, and any contributor can apply to be paid for their work on MODX.



$0 per month—let's make that $500!

Learn more