This isn’t really a WordPress question – but you can add a rewrite rule to prevent access unless the referrer is your own domain.
[Update]
You’ll need to do 2 things
-
Add a rewrite rule (either directly with .htaccess or by using WP_rewrite (Codex reference). The aim here is to deny requests to your documents that don’t have your domain as a referrer – this stops people pasting the link into a browser’s address bar
-
Wrap your download links in an
is_user_logged_in(Codex reference) conditional block – that way they will only show up on the page if the user is logged in
A code example is available in a related question:
Related Posts:
- Restrict access of admin uploads to certain logged-in users?
- How to programatically change username (user_login)?
- Allowing users to edit only their page and nobody else’s
- Disallowing Users of a Custom Role from Deleting or Adding Administrators?
- Hide Admin Menu for Specific User ID who has administrator Role
- How to hide media uploads by other users in the Media menu?
- Allowing an email as the username?
- Check if specific username is logged in
- Post list based on the user that is logged in
- Basic auth WordPress REST API dilemma
- Copy a user from one WordPress site to another
- User File Upload Repository?
- Front end user meta options for users
- add ‘file upload’ field to user details
- How to customize wp_signon()
- Can I create users that have access to *some* other users posts instead of all other users posts?
- Set default page for user account in admin
- Share user table from WP with Drupal
- Log all users out of all locations after 24 hours
- Hide everything on site for visitors except specific page IDs
- Managing Users and Creating Groups [closed]
- show text If special user is logged
- How to delete all post and attachments of a user when I delete it?
- Upgrade Nightmare – No Posts, Permissions Issues and Can’t Create a new post
- How to disable a specific page for a specific user
- How to protect post attachments related to a custom post type, from non-logged in users, on 1 subsite of a multisite installation?
- Allow user access to Dashboard only!
- wordpress user roles are not working
- Displaying different in-page content to cliente/admin
- Problem with automatic role change through cron job
- Reset Password policy
- How can I allow an User to publish only 5 posts per month?
- Where are $current_user->allcaps set?
- How do you manage your pages or functions that require logged-in users?
- Allow admins to login as other users
- Can I Create a Second Admin Level User Role?
- Delete a user from frontend
- Unique password to access a section site
- One Click Access To Users Account In WordPress?
- Using my own user table
- Allow users to upload flash videos?
- WordPress user role with create user capability?
- Update user role for expired membership
- How do I set a maximum upload size for a specific user role (Editor)
- Front-end uploader logging user out when they attempt to upload image
- How to use url formatter with integer
- Custom User Role: Can Edit Own Page, Cannot Create New
- WordPress install checking permissions of user id 0
- throttle/limit a logged in user’s http requests to specific page on a per day basis
- Allowing users to edit only their page and nobody else’s
- How to bulk change user role to “No role for this site”
- Restrict Access to the User Profile
- post acces for guests / unregistered users only
- Username has been exposed
- view and update form only for registered users
- Control Category of each user can post
- Limit user access to installing/configuring a plugin?
- determine active user browser at the same time
- MySQL query to list users who never signed in
- Wordpres password as plain text in email
- WordPress password as plain text in email
- (How) does WordPress protect direct access of user data?
- How to remove/limit Editor accounts privileges, to prevent them from deleting media and pages created by Admin
- problem in uploading attachment to custom directory
- How to allow registered users to submit the form only 5 times per day?
- Preventing user enumeration: which logic is better?
- WordPress Creates Unused (Unregistered) Image Sizes
- How can I do a url redirect to include a wordpress username?
- How does WordPress decides how many sizes of an image to create?
- WordPress current month users
- Allow Users to Modify Some Values of Assigned WordPress Pods [closed]
- Custom registration and pending approval
- Let logged-in users use radio buttons (yes and no) to exclude their author profile from the user listing
- Make new users automatically approved
- Adding fields to the “Add New User” but the form data not saved into DB
- How would I restrict certain user levels from editing categories
- How can I set wp_dropdown_users so that it shows only authors?
- What does “link” refer to when you delete a user?
- set automatically email address for WordPress users
- Restricting wordpress login sessions for a web app
- change user password REST API
- Use WP cookie to authentificate user on an external app
- Find count of WordPress users by role and search string for user name
- How do I add profile fields in specific section?
- fine-grained capabilities for user related capabilities
- Users activity history
- How to destroy all user sessions via WP-CLI
- How to restrict Admin from creating new users from Add new user screen in dashboard to only of one domain?
- Limit attachment caption characters
- is_user_logged_in() not working after domain change
- Designing a member area on my site
- Link to Authors blog posts
- Redirect based on log-in status per JavaScript
- Create users from frontend without password
- How to get user contact info
- WordPress – Security Question at Login from User’s Meta Data
- get Discussion setting in wordpress
- Set a minimal number for next user_id
- Remove My Account Menu items in Woocommerce based on user roles
- How to allow users in wordpress to switch between two assigned roles e.g. Candidate & Employer