How prevent direct access to PDF file

You cannot at the same time allow access to file (via embedding) and disallow access to file. That’s just not practical and you waste your time on holes.

The comment is quite right that you would need to stream file from protected location for working access control. Even then if client-side viewer has access to it then it’s a non-issue to get the file itself out.

Note that WordPress core is completely engineered to reside in web–accessible location. Splitting some of the media from that and implementing streaming that a quick and trivial customization.

Related Posts:

  1. How to restrict a page [without plugin]
  2. Restrict access to specific users
  3. How do we restrict a user to see a field in a post without registration,
  4. Hide posts of particular category for everyone except of particular user group or role
  5. How restrict video to be open on direct url hit
  6. Disable Page if user not logged in
  7. Learndash groups content protection with tags
  8. How can i restrict a page to certain user roles?
  9. Segregating content in a blog for 2 different readers
  10. Restrict directory listing to only logged in users
  11. Restrict content even to specific user
  12. Member Site – Always Sends Me Back To Login
  13. I want to restrict a page for subscriber and contributor
  14. How to stop EU users from accessing my website?
  15. How to restrict attachment download to a specific user?
  16. simple solution for restricting access to (some) uploads/downloads
  17. Correct Post Count ( All | Published | Drafts | Pending | Trash ) for Custom Post Type when restricting to view own posts
  18. User redirect to destination URL after login
  19. Create a USERNAME and PASSWORD protected WordPress page
  20. Loading posts associated only to the logged in user on recent posts page
  21. Does pre_get_posts affect REST API responses?
  22. Restrict post edit/delete based on user ID and custom field
  23. How do I display a user specific content?
  24. How can I limit functionality in one version of a plugin?
  25. Hiding posts from non logged in users
  26. Restrict access to post if it is currently being edited
  27. how to make author to write comment on only his own posts?
  28. setting a specific home page for logged in users
  29. Restrict the user access in multi site for non-assigned blogs
  30. Restrict access to the Trash folder in Posts
  31. Restrict backend but allow to use post.php?action=delete&post=POSTID from front-end
  32. Restrict certain posts from being sent to the feed subscribers
  33. Removing WordPress Plugin Menu Item for a specific user
  34. Allow access on a page to just only a specific member
  35. Restrict PDF links
  36. Limit REST API output to current logged in user that is also author of the content
  37. WordPress stripping html and script tags from some admin users on save
  38. Taxonomies, restrict editing and creation of terms?
  39. Hide everything on site for visitors except specific page IDs
  40. Restrict Login Subscriber users from accessing frontend
  41. Restrict other Admins from using Editor in Admin Panel
  42. How to restrict the editors from viewing/editing pages created by admin?
  43. Restrict uploaded files into a custom folder to logged in users by htaccess: looking for Nginx – not only Apache – solution
  44. Redirect user to login before viewing custom post
  45. not logged in users can’t submit form
  46. Is it possible to restrict viewing of category PAGE to logged in users only?
  47. Page Restriction and Redirect for Particular Levels or user
  48. Protect sequence of pages with same password for each of two groups of users
  49. How can I restrict image upload dimensions for non-admin WordPress users?
  50. How to restrict logged user to view only certain pages?
  51. Limit post display to post authors and create an exception for specific pages
  52. Use an activation code to change a role [closed]
  53. Restrict certain character combinations in username during registration
  54. How to show post content before read more tag (excerpt) for password protected posts?
  55. How do I log out users from a restricted page if they are already logged in on another device? [closed]
  56. Are exclusive taxonomy terms possible?
  57. Restrict access to content in conjunction with facebook connect & google login
  58. Remove admin menu
  59. I restricted wordpress by logged users. It’s possible exclude a page?
  60. Limit file downloads to logged in users (WP + Nginx)
  61. How to properly print a 404 error without redirecton? (i.e. keeping the current URL)
  62. How to allow registered users to submit the form only 5 times per day?
  63. Get a remote post ID via API given URL
  64. Restrict content based on buy woocommerce product
  65. User restricted only show posts assigned to current user
  66. How to force acceptance of site terms on first login?
  67. One Site as a part of Multisite to be hidden (Un-published) from Public?
  68. Restricting page access [closed]
  69. Restrict access to trash, only admin
  70. Downloadable content only for subscribers?
  71. Hide front-end from every logged out user and redirect them to the default login page
  72. Restrict the list of parent pages to only those which are created by current user
  73. How to restrict an admin page, if the user is not superadmin?
  74. Should I setup frontend-only users as CPT or use a plug-in?
  75. How to restrict access to a single for users I’ve authorized? [closed]
  76. Is it possible to restrict access to specific pages in the admin area based on the page slug?
  77. Requiring login for specific pages
  78. How can I lock specific posts (cpt’s) from editing by anyone other than ADMINS
  79. How can I set a maximum allowed post size and number of posts submitted?
  80. How can I restrict a custom WordPress role access to only a specific plugin?
  81. Is it possible to restrict files from your wordpress uploads (not logged-in users or guest)?
  82. Custom content before post content
  83. Require re-login when logged-in user attempts to access restricted page
  84. force login loophole
  85. Simple Math Quiz or Captcha to hide whois query form
  86. How to restrict a plugin from certain pages without editing its core
  87. Prevent certain subscribers from seeing specific taxonomies (changes frequently)
  88. Is there a way to create folders restricted to specific users to open?
  89. Show/hide posts and categories based on user meta
  90. Uploading attachment (pdf) and prevent download for anonymous user
  91. Show content if user left comment / non-logged visitors?
  92. can you help review CCCP (Conditional Cookie Content Post) and help to create a block?
  93. create a custom query for posts managed by Restrict Content Pro
  94. Limit users to specific uploads
  95. URL Restrictions? Need only people who are logged in AND have a specific role (or roles) to access all pages for a site
  96. After reading 3 story by user ask for subscription popup
  97. How can I fetch user registration age
  98. Restrict access if logged out except for homepage
  99. How to show private pages based on a user’s role?
  100. How to block access to a folder inside of wp-content for non logged in users?
Hata!: SQLSTATE[HY000] [1045] Access denied for user 'divattrend_liink'@'localhost' (using password: YES)