How to password protect media library files (PDF)?

You could check for a log-in cookie in your .htaccess, but that can be spoofed:

RewriteCond %{HTTP_COOKIE} ! wordpress_logged_in_.+= [NC]
RewriteRule \.pdf$ - [F,L]

Related Posts:

  1. Change GitHub Account username
  2. Google OAuth 2 authorization – Error: redirect_uri_mismatch
  3. What are the main differences between JWT and OAuth authentication?
  4. How to use OAuth authentication with REST API via CURL commands?
  5. How to validate a user from ouside wordpress/php?
  6. Override user authentication with external credentials
  7. JWT authentication with WP – Approach
  8. why does WordPress need two cookies for auth/login
  9. Extend WordPress (4.x) session and nonce
  10. How to use WordPress authentication on non-WordPress page?
  11. How does ifttt.com authenticate a supplied WordPress account
  12. Storing Dropbox Authentication?
  13. WordPress as a OAuth Provider
  14. Authentication for wordpress website
  15. How to leverage authentication outside of WordPress?
  16. How do I execute a wp_remote_get call using NTLM authentication?
  17. Outgoing proxy connection problem
  18. WordPress SSO with MemberPress
  19. Authenticated request to WP REST API V2 returning 403 error on /users/me [closed]
  20. Set authentication cookies to be shorter but then extend with every page load
  21. WordPress user Authentication
  22. WordPress asking for FTP details when installing plugins
  23. How to use Azure AD for authentication?
  24. implement authentication and authorization to user
  25. for a role-protected page, programmatically login user and load page
  26. guest authentication
  27. wordpress 3.9 remote token auth
  28. How to set up Shibboleth authentication for a MU site
  29. Login after “Read More” then return to article
  30. How to make WordPress use authentication from Parent Site
  31. auto logout user when user logout on one of the opened tab
  32. How can I have authenticated WordPress users automatically sign into Moodle?
  33. Requiring Authentication for Parts of WordPress Site
  34. WooCommerce OAuth 1.0 + JWT authentication with JS/React
  35. Authenticating users with usermeta fields
  36. Getting Authentication required popup
  37. How can LDAP/Active Directory be integrated in WordPress?
  38. Authenticate Subdomain
  39. How to create new users with JWT Auth Plugin?
  40. Mirgrating a user at signon
  41. Automate WordPress Login
  42. Application to Website authentication
  43. How to authenticate using JWT by ajax?
  44. Open authenticed WordPress page from mobile app
  45. Access to customer profile with pin code
  46. WP link for reset password is not received
  47. How to make an other web app can login with wordpress authentication?
  48. How to add additional factor to wordpress authentication
  49. Adding a “Sign In/My Account” link to an external app
  50. Check if user is logged in, inside php file in template directory
  51. Connect my WordPress site users to my public site account without showing my public site credentials
  52. WordPress Multisite and site speed and scaleability
  53. Blocking the direct access to images in the upload folder WordPress
  54. Can you pass user/pass for HTTP Basic Authentication in URL parameters?
  55. What is the difference between authentication and authorization?
  56. wp_signon by user’s login by their particular role
  57. nodejs – error self signed certificate in certificate chain
  58. Authenticating in PHP using LDAP through Active Directory
  59. How do I require authorization / login to view a specific set of posts / pages?
  60. WordPress auto login after registration not working
  61. Disable WordPress 3.6 idle logout / login modal window / session expiration
  62. How to pass users back and forth using session data?
  63. How to check WordPress website username and password is correct
  64. Should wordpress_logged_in cookie exist while logged out?
  65. How to authenticate custom API endpoint in WooCommerce [closed]
  66. How to build a plugin that supports authenticated POST requests to the REST API from external servers?
  67. Plugin to require Twitter or Facebook login before posting a comment [closed]
  68. Can I authenticate with both WooCommerce consumer key and JWT?
  69. add action which returns modified value
  70. WP REST API: check if user is logged in
  71. Can’t GET draft posts via REST API from headless frontend
  72. WP-API and Basic Auth returning 403 on POST but not GET
  73. How to redirect a Custom Google Search to a wordpress page/template?
  74. Single sign-on: wp_authenticate_user vs wp_authenticate
  75. How does the “authentication unique keys and salts” feature work?
  76. How Authentication in wordpress works? wp_authenticate_username_password()
  77. current_user_can(‘administrator’) returns false when I’m logged in
  78. How to save generated JWT token to cookies on login?
  79. how to oauth1 Wp plug-in revoke/reset.?
  80. How to force JWT auth for default GET endpoints of WordPress rest api?
  81. REST API: best place to set current user for JWT auth?
  82. Why can’t I access my Intranet LDAPS with NADI?
  83. What’s the most efficient solution when augmenting google custom search results with taxonomies?
  84. WordPress Multisite logout conflict
  85. How to stop showing my under development site on Google Search [closed]
  86. Best Authetication between REST API and Mobile App
  87. What WP-API authentication method should I use to interact with anonymous / not-logged visitors?
  88. `authenticate` filter never gets called
  89. authenticate user without redirecting
  90. Log in user using WordPress REST API
  91. How to allow access based on the user meta flag
  92. Authentication between two different sites using the WordPress login cookie
  93. Using WordPress login for a non word-press website
  94. throttle/limit a logged in user’s http requests to specific page on a per day basis
  95. Opening protected page with cookie?
  96. Create Mashable Follow-like Facebook, Twitter login/connect?
  97. Change All Login/Signup Links in Plugin
  98. External Authentication
  99. Login and register by API
  100. wordpress rest api authentication failed
techhipbettruvabetnorabahisbahis forumuedusedusedusedusedueduseduedueduedus