Protecting direct access to PDF and ZIP unless user logged in (without plugin)

RewriteCond %{REQUEST_FILENAME} -s
RewriteRule ^wp-content/uploads/([^/]*\.(pdf|zip))$ filecheck.php?file=$1 [QSA,L]

This actually looks OK, except if you have additional subdirectories within the /uploads directory? An alternative is to include an additional condition on the original rule that only rewrites the request if the request ends in .pdf or .zip. For example:

RewriteCond %{REQUEST_URI} \.(pdf|zip)$ [NC]
RewriteCond %{REQUEST_FILENAME} -s
RewriteRule ^wp-content/uploads/(.*)$ dl-file.php?file=$1 [QSA,L]

It shouldn’t really matter, but make sure this goes before the WordPress front-controller.

Related Posts:

  1. Password protect some uploaded files, so only logged-in users can view them
  2. How to protect uploads in multisite if user is not logged in?
  3. How to Protect Uploads, if User is not Logged In?
  4. Extend Media Library
  5. WordPress 3.5: Setting custom “full URL path to files” in the Media Library?
  6. How to show all available images in WP’s media library when using the Polylang plugin?
  7. Which filters or actions to use after a media upload and delete?
  8. How to wp_upload_bits() to a sub-folder?
  9. “Add Media” only shows “Full Size” under Attachment Display Settings
  10. Where do the favicons for Media Files come from
  11. Is it possible to trigger some JavaScript when Media Popup is opened?
  12. How to call WP3.5 Media Library manager?
  13. Append button to WordPress Image Details modal
  14. WP3.5 Media Uploader – how to make it accept multiple images?
  15. How to disable WordPress Media resize different size version?
  16. Media library storing files in uploads not folders within in uploads
  17. Add select field to media uploader that adds a class to the image
  18. How to host different file formats/types for a media attachment without creating multiple attachments?
  19. Site icons with alpha channel for self-hosted WordPress blog network
  20. How do I get allowed Media Library upload file extension list?
  21. Cannot upload .mp3 file to wordpress media
  22. Switch between tabs on “Insert Media” dialog
  23. Restrict WordPress Media Library for a specific user role (users can only see/select own media)
  24. Display attachments by the ID of the post being edited in the wp.media frame (frontend)
  25. move_uploaded_file() not working on wordpress front end
  26. WordPress Issue : The uploaded file could not be moved to wp-content/uploads/
  27. Convert (-) and (escape) signs to (_) when uploading files on wordpress media library automatically
  28. Using wp_enqueue_media() with switch_to_blog() issue
  29. making media URL secured
  30. How to get the return value of wp.media({ frame: ‘post’ }) in all cases?
  31. Media library only shows for admin. Doesn’t show editor or below [closed]
  32. Is it safe to allow non-admin users access to media uploader
  33. upload_max_filesize is set to 64 MB already but WordPress is still showing 2 MB
  34. PHP error when trying to upload .mp3 files via Media Library [closed]
  35. A link (not in the post) to download a specific PDF file
  36. Migrating media files (documents only) to a fresh install and maintaining the same directory structure
  37. How does wordpress handle media files?
  38. WordPress media upload issue could not insert attachment into the database
  39. Thumbnail images missing in WP media library
  40. Open Media Uploader Link in single post or page
  41. Remove Media File Items From Server That Do Not Exist in Media Library
  42. Add SWF file to wordpress through custom template
  43. What if I have a large file on the server that I want the wp library to have?
  44. Uploaded images result in a file url with full path on disk appended
  45. Using WP-CLI “wp media import” to sync files to the media library
  46. Efficient way to move media folder to another folder
  47. Make inline uploader (plupload) on options page upload to a specific folder
  48. Images not displaying on site or media library
  49. Replicate Media Galley Edit view in Add Media View
  50. How to Protect Uploads, if User is not Logged In?
  51. Front-End Upload media with category
  52. How to manually set an attachment in a post?
  53. Media Library: Remove replace images of selected author
  54. Adding attachment custom field metadata to TinyMCE tag
  55. How to upload multiple images using WP rest API to media?
  56. Media not displaying other users uploads – WordPress 4.9.2
  57. Organizing the Media Library for Cleanup
  58. Issues with WordPress 3.9.6 media libraries on XAMPP
  59. Insert media while posting is not working with new wordpress update
  60. controlling whether upload is attached to post or not
  61. How to split my uploaded media into directories?
  62. wordpress 3.6 media manager cropping timestamp
  63. Image in binary in the data to WordPress media library
  64. what happens to existing media files when I switch to year/month directory structure format?
  65. Media upload finished hook
  66. How can I batch delete all unattached images with WP-CLI or other automated process?
  67. How to manage a standalone media folder?
  68. Is wp_read_audio_metadata() function deprecated?
  69. Creating a metabox to upload multiple images, Ignoring The Featured Image
  70. Ignore a filter on the media library
  71. How to validate the file name of the Media File Uploads?
  72. Restricting access to files within a specific folder [duplicate]
  73. Media items hogging pretty permalinks
  74. Plugin to Import Dropbox Files into Media Folder from the Cloud [closed]
  75. Extend the list of MIME-types supported by the builtin uploader in 3.3
  76. Setting higher upload limit
  77. Resize the WP media Uploader iFrame
  78. Uploading dwg files to wordpress
  79. Images not being generated at correct size
  80. How to use MediaUpload outside of editor
  81. Prevent a folder from being shown within the media library
  82. Is It Possible to Upload Certain Attachment Files To A Remote Server
  83. Duplicates and other problems in Media Library
  84. How to allow logged out users to upload media?
  85. upload_max_filesize in .user.ini Not Reflected in Media Upload
  86. How does WordPress decides how many sizes of an image to create?
  87. Is there a way in WordPress to convert images to WebP without a plugin?
  88. Big file upload give HTTP error
  89. Organizing uploaded Media in permalink-based folder structure?
  90. Offload Media Library to other domain on a different server
  91. Image upload to media library fails. Folder won’t create, database insert fail, XAMPP Windows
  92. WordPress append -1 to the image name
  93. Blog suddenly can’t display .jpg
  94. Handle image file and save it to media
  95. Set default “Link CSS Class” in add media admin editor
  96. How to share media between independent blogs?
  97. WP Capabilities to Add Media, Use Media, But Not Edit Them
  98. What is the best way to upload a temporary & sensitive file and then delete it when done
  99. Problem uploading files, after changing domain name
  100. Auto shortlink for file uploads

Leave a Comment