How prevent direct access to PDF file

You cannot at the same time allow access to file (via embedding) and disallow access to file. That’s just not practical and you waste your time on holes.

The comment is quite right that you would need to stream file from protected location for working access control. Even then if client-side viewer has access to it then it’s a non-issue to get the file itself out.

Note that WordPress core is completely engineered to reside in web–accessible location. Splitting some of the media from that and implementing streaming that a quick and trivial customization.

Related Posts:

  1. How to restrict a page [without plugin]
  2. Restrict access to specific users
  3. How do we restrict a user to see a field in a post without registration,
  4. Hide posts of particular category for everyone except of particular user group or role
  5. How restrict video to be open on direct url hit
  6. Disable Page if user not logged in
  7. Learndash groups content protection with tags
  8. How can i restrict a page to certain user roles?
  9. Segregating content in a blog for 2 different readers
  10. Restrict directory listing to only logged in users
  11. Restrict content even to specific user
  12. Member Site – Always Sends Me Back To Login
  13. I want to restrict a page for subscriber and contributor
  14. How to stop EU users from accessing my website?
  15. How to restrict attachment download to a specific user?
  16. simple solution for restricting access to (some) uploads/downloads
  17. User redirect to destination URL after login
  18. Create a USERNAME and PASSWORD protected WordPress page
  19. Loading posts associated only to the logged in user on recent posts page
  20. Does pre_get_posts affect REST API responses?
  21. Restrict post edit/delete based on user ID and custom field
  22. How can I limit functionality in one version of a plugin?
  23. Restrict access to post if it is currently being edited
  24. how to make author to write comment on only his own posts?
  25. setting a specific home page for logged in users
  26. Restrict certain posts from being sent to the feed subscribers
  27. Removing WordPress Plugin Menu Item for a specific user
  28. Allow access on a page to just only a specific member
  29. Limit REST API output to current logged in user that is also author of the content
  30. Hide everything on site for visitors except specific page IDs
  31. Restrict Login Subscriber users from accessing frontend
  32. Restrict other Admins from using Editor in Admin Panel
  33. Restrict uploaded files into a custom folder to logged in users by htaccess: looking for Nginx – not only Apache – solution
  34. Redirect user to login before viewing custom post
  35. Is it possible to restrict viewing of category PAGE to logged in users only?
  36. Page Restriction and Redirect for Particular Levels or user
  37. Protect sequence of pages with same password for each of two groups of users
  38. How can I restrict image upload dimensions for non-admin WordPress users?
  39. How to restrict logged user to view only certain pages?
  40. Limit post display to post authors and create an exception for specific pages
  41. Restrict certain character combinations in username during registration
  42. How to show post content before read more tag (excerpt) for password protected posts?
  43. How do I log out users from a restricted page if they are already logged in on another device? [closed]
  44. Are exclusive taxonomy terms possible?
  45. Restrict access to content in conjunction with facebook connect & google login
  46. Remove admin menu
  47. I restricted wordpress by logged users. It’s possible exclude a page?
  48. Limit file downloads to logged in users (WP + Nginx)
  49. How to properly print a 404 error without redirecton? (i.e. keeping the current URL)
  50. How to allow registered users to submit the form only 5 times per day?
  51. Get a remote post ID via API given URL
  52. Restrict access to trash, only admin
  53. Downloadable content only for subscribers?
  54. Restrict the list of parent pages to only those which are created by current user
  55. How to restrict an admin page, if the user is not superadmin?
  56. How to restrict access to a single for users I’ve authorized? [closed]
  57. Is it possible to restrict access to specific pages in the admin area based on the page slug?
  58. Requiring login for specific pages
  59. How can I lock specific posts (cpt’s) from editing by anyone other than ADMINS
  60. How can I set a maximum allowed post size and number of posts submitted?
  61. How can I restrict a custom WordPress role access to only a specific plugin?
  62. Is it possible to restrict files from your wordpress uploads (not logged-in users or guest)?
  63. Custom content before post content
  64. Require re-login when logged-in user attempts to access restricted page
  65. force login loophole
  66. Simple Math Quiz or Captcha to hide whois query form
  67. Prevent certain subscribers from seeing specific taxonomies (changes frequently)
  68. Is there a way to create folders restricted to specific users to open?
  69. Show/hide posts and categories based on user meta
  70. Uploading attachment (pdf) and prevent download for anonymous user
  71. can you help review CCCP (Conditional Cookie Content Post) and help to create a block?
  72. create a custom query for posts managed by Restrict Content Pro
  73. Limit users to specific uploads
  74. URL Restrictions? Need only people who are logged in AND have a specific role (or roles) to access all pages for a site
  75. After reading 3 story by user ask for subscription popup
  76. How can I fetch user registration age
  77. Restrict access if logged out except for homepage
  78. How to show private pages based on a user’s role?
  79. How to block access to a folder inside of wp-content for non logged in users?
  80. Hide top admin panel for non admin and non editors
  81. WordPress Front-End user restricted taxonomies
  82. How to use url formatter with integer
  83. Restricted images only for logged user. (hidden url)
  84. Multiple domains, Single database, 1 Parent/Master with all content, other domains/slaves with filtered content (based on “location” variable)
  85. Using a page-template to restrict access based on IP (Frontend)
  86. Restrict access to custom post type and filter from every query
  87. Allow users to only CREATE one single (custom) post
  88. Front end login and page restriction
  89. WordPress Shop and restricting products and categories for some users/groups
  90. Assign specific editor with custom user meta “A” to all authors with custom user meta “A” and exclude all other author access
  91. How to give members access to their own protected page?
  92. Restrict access to specific content
  93. Restrict download files from not generated Urls
  94. Avoid too long words in a post title, post content or comment but only if its not a url
  95. Basic File/Post restriction plugin
  96. How can visitors redirect wp-admin to the homepage?
  97. Website visible only to Registered users (non wp-admin)
  98. Valid WordPress html elements
  99. Multisite Login Access Restrictions
  100. Restrict Image Sizes and Dimensions when Uploading via the WP Mobile App
techhipbettruvabetnorabahisbahis forumuedueduseduseduedusedueduseduedusedus