Hi. Is this possible to restrict file access to author AND admin only in free version?

Hello.
I tried your plugin on my website.
I am using dearflip for showing pdf’s on my website, but i want to prevent people to acces the files any other way than trough the reader on site. But when i try to restrict using your plugin, the files can’t be accessed. Is it possible one way or another to get it to be possible to see files in dearflip and still have blocked so wp-content / wp-uploads not is accessible. but the files are in the reader.?

I’m using the standard “add Media” audio player on my site so that you can click a song and it will play. But I’m finding that there’s a download option on each (the 3 vertical dots on the player). Will your plugin make it so any MP3 files on my site (there are over 250 of them) will not be able to be downloaded? Hopefully the answer is yes.

Hi there,

I have tried adding a redirect for non-logged in users when attempting to view a file, to our custom login page however it still is redirecting to the generic WP login page. Can you please let me know how I can force non-logged in users to get redirected to our custom login page please?

I have a membership site set up using ProfilePress plugin. I wanted the Prevent Direct Access plugin to allow logged-in members to upload images to the Media Library but not be able to edit or delete another member’s images in the Media Library. However, now when a member logs in, all pages on the site are 404 not found! This is not the case when the pages are viewed by a non-logged-in viewer or when the site is logged into by an admin.

I have tried to reach to Premium Support through their because I have a Lifetime licence.

But the contact form has so many required fields with information that I can not actually make contact. I am currently locked out of the site in question so can not provide all the information required. And the Premium Support form is too inflexible to make contact –?even with my email, licence number and outline of my problem.
So, I am posting here.

On Tuesday 13 August I updated Prevent Direct Access Gold and on three sites I have had critical errors with now with the messages 

“;\Patchwork\CodeManipulation\Stream::reinstateWrapper();;”

There was a surge in memory demand on the server and the site crashed.

I have these messages at the top of all my pages

;\Patchwork\CodeManipulation\Stream::reinstateWrapper();;

My pages do not render correctly.

I would like to ask if there is any issue with this latest plugin update?

If I could connect with Premium Support somehow though this form I would appreciate it. Obviously I can not post my personal info here. Thank you.

We use Prevent Direct Access Gold to protect our files. Today, 8/13/24, the PDA caused severe issues on our site, extreme slowness and have had to disable the plugin.

Here is what our server did when we enabled and quickly disabled. https://snipboard.io/ZFNagv.jpg

why it’s generating so many AJAX requests?

hi,

I hope you can help. We have pda lite in place (gold was active but expired two years ago).

Our files have been protected quite happily for the last two years but have started not being connected to their links over the last few days. The troubleshooting page suggests this is a server rule error, and as we have NGINX, I checked with our host, but they say the rules are still in place. The only thing I can think of that has happened is WordPress updated on July 24th. Is the plugin still working with the latest version of WP?

We have the site set up to show documents only to logged-in users. The list of documents is hidden unless you are logged in – each document in the list has a connected PDF file-protected link to it. However, all now show pda_404 when clicked.

Any ideas?

Hello, your plugin is exactly what my client needs, but when i protect a video with your plugin, as admin i can see the video but no one else can see the video, we see Media error: Format(s) not supported or source(s) not found message.

I have tested with disabling WordPress cache plugin in the page the video is, also deactivated plugin (litespeed) and the same behaviour.

Also i tested with your .htaccess information and nothing.

Also tried to add Litespeed .htaccess data (https://preventdirectaccess.com/docs/disable-litespeed-cache-wpx-hosting/) and nothing too.

BTW your video at https://preventdirectaccess.com/extensions/protect-wordpress-videos/ doesnt work either

Any help please?

Thanks

• This topic was modified 5 months, 1 week ago by dviolante.

I just purchased WCFM Lovers marketplace plugin and PDA prevents it from reaching the checkout page, is there anything under settings to avoid this? Selecting a membership plan and registration process is ok but when WCFM tries to access the checkout page to complete the transaction it goes to 404 page not found. It worked only after deactivating PDA. I hope I get a positive reply.

Thanks

I’m getting a critical error in the wp-admin (seems to be the settings page) on the latest version

[14-May-2024 10:51:35 UTC] PHP Fatal error: Uncaught Error: Call to undefined function wp_create_nonce() in /home//public_html/wp-content/plugins/prevent-direct-access/includes/settings_ page.php:42
Stack trace: 0 /home//public_html/wp-content/plugins/prevent-direct-access/includes/settings_page.php(18): SettingsPage->add_script_ip_lock() 1 /home//public_html/wp-content/plugins/wp-lister-ebay/wp-lister-ebay.php(175): SettingsPage->__construct() 2 /home//public_html/wp-content/plugins/wp-lister-ebay/wp-lister-ebay.php(108): WPL_WPLister->loadPages() 3 /home//public_html/wp-content/plugins/wp-lister-ebay/wp-lister-ebay.php(86): WPL_WPLister->__construct() 4 /home//public_html/wp-content/plugins/wp-lister-ebay/wp-lister-ebay.php(343): WPL_WPLister::get_instance() 5 /home//public_html/wp-settings.php(517): include_once(‘/home/…’) 6 /home//public_html/wp-config.php(103): require_once(‘/home/…’) 7 /home//public_html/wp-load.php(50): require_once(‘/home/…’) 8 /home//public_html/wp-admin/admin-ajax.php(22): require_once(‘/home/…’) 9 {main}

thrown in /home//public_html/wp-content/plugins/prevent-direct-access/includes/settings_page.php on line 42

Does your plugin depend on .htaccess for protecting WordPress media files? Can I still get the expected protection with no use of .htaccess rules on my shared hosting site, in regards to your plugin?

Can admins restrict certain files for a role? Meaning, if an admin uploads a file to the Media library, and wants other admins and “subscribers” to be the ones who only see that file, is this setup possible with this plugin? If so, can you provide a very simple example of how?

Hi,

Inside the method add_checkbox_auto_protect_file there should be an extra check if $screen is set.

The method is checking if get_current_screen() exists but in case that screen.php is included elsewhere this check is not enough.

Unfortunately this has led to a conflict with another plugin causing the following error: “Trying to get property ‘id’ of non-object”

Is there anywhere I could open up a pull request?

Adding the check isset($screen) inside add_checkbox_auto_protect_file would solve the problem:

if (isset($screen) && 'media' === $screen->id && 'add' == $screen->action) {
// 
}

Is there any way to change or turn off this message “right click is disabled” when image download is disabled. I don’t like this message on my site, thanks.

Good morning and thank you for your commitment to protecting us from malicious squatters.
I have an important question for us before using your plugin.
The site I would like to protect is a Child Theme based on WordPress Twentyseventeen, but it does not follow the canonical rules of wp: it is in fact based on a complex network of scripts and codes that intersect several times between the pages, and of attachments that are not only media but also data files (such as Excel) which are then converted into DOM outputs and downloadable in PDF.
The codes are therefore not only “enqueued” in functions.php but sometimes also embedded directly in the html headers (through php templates of specific pages) or even links copied into the body of the pages.
The permalinks (like attachments) are already all inhibited, with a redirect to 404, but not the URLs of the internal network.
Without going further, my concern is that your exceptional plugin (if it had been designed only for conventional use of the WordPress base) once applied works perfectly but, in our case, could interrupt the chain of internal codes.
Not knowing the method used by your plugin, I kindly ask you about its operating principle: if for example it were to work by rewriting all the URLs, or moving the files and codes into protected folders (therefore changing all the paths) it could have a serious problem for us. side effect (and we’ve been working on the site review for 13 months, so we don’t want to take any risks).
For example, if it is based on URL encryption, or on the creation of protected folders, but with internal decryption and redirection for file management by the site engine, then we can use it easily.
I apologize for the long thread, and I hope I was able to explain myself.
Thank you very much in advance for your reply.

Is there a way to ask pre purchase questions? Thanks.

Do the plugin prevent users from copy the link like site.com/clip.mp4 and paste it and see the content? If I adding the clip to page in the site will be shown?

Do the plugin prevent the right click so users can see the code?

Hello. I want my web site to look nice, and function to bring readers to the proper content. I don’t want it covered in 404 errors, or “Oops”, etc.. I have 1000+ images that are coming up in search results. I don’t want them to come up. I installed a plugin to disable media pages, but the media on those pages are still coming up in search results, and triggering unwanted galleries… the visitor is distracted with bogus content, instead of finding just the posts and pages that were designed to give them the information on the item in the photo, and the photo is embedded on the page, it should not come up independently in the search results.

Is there a way to use your plugin to prevent only IMAGE files from coming up at all in search results? For example, if I installed something like Filebird, and used that to “isolate” all image files, could I then use your plugin to target that folder to prevent the images from coming up in search results? Thanks in advance.

I just want to check if the plug-in does what I need it to do.
I have a page of a singer, that wants selfhosted audio and videofiles to be listened to and looked at, but for a selection of those files they must be prevented from download… does your plugin offer that option for that? That is the only festure I am looking for… preferable to check/uncheck the option in the media library…

Thanks in advance

Hi,

This looks like a really useful plugin!

I tried protecting an image from direct access. From what I understand this copies the image to a “_pda” folder, however this location is publicly available for direct access?

Does PDA -plugin take care of all path changes to “_pda” (on places where the image is exists on the site)?

Should not this new “_pda” location be blocked from direct access?

Thanks!

Hello, my friends. I hope you’re doing fine. I’m using Easy Digital Downloads and PDA Gold. How can I use these two plugins together? How can I integrate them? (You have written EDD and PDA Gold are integrated in your site! But your site has no documentation on how to use these two plugins together. link:)

Hi,

I have installed the lite version to see how this plugin is working.

Hosting is Plesk (Apache, PHP 8.2.13).

I have protected different files.

Using a browser in incognito mode and open the protected link (with ?/_pda/“ in filename) it could be openend and isn’t protected.

Br,

newbie2004

Hello,

I’m using the free version of Prevent Direct Access. We’re using WP Engine and I have asked them to add the following rules to the NGINX server:

rewrite wp-content/uploads/_pda(\/[A-Za-z0-9_@.\/&+-]+)+\.([A-Za-z0-9_@.\/&+-]+)$ "/index.php?pda_v3_pf=$1&is_direct_access=true&file_type=$2" last;

rewrite private/([a-zA-Z0-9-_.]+)$ "/index.php?pda_v3_pf=$1" last;

I’m told the rules were added, saved, and then they regenerated the NGINX Config. I am told they cannot restart the NGINX server.

I’m able to load files using the protected links, but I am getting “Page Not Found” when trying to load the private download link. I then tried adding the PDA Gold version 3.0 and above redirect rules from the How to make Prevent Direct Access work on WP Engine page. I’m still unable to load private download links.

I reached back out to WP Engine and am told that NGINX rules will overrule redirects, so I had the NGINX rules removed. I still cannot load a private download link.

I have cleared server and browser cache serveral times. Still no luck.

Our goal is to be able to share these private URLs with specific front facing users of the site. We just need the URLs to be private.

Am I missing a step to get these private download links to work?

• This topic was modified 1 year, 1 month ago by hokua.

Hi,

Is this possible with the free version to limit access to a file to a specific user ?

I’m clicking on “The file’s author” to edit permissions but nothing happens…

Thanks

Hello, i have little question about pda. If activate PDA Plugin and block all direct access to all my file. It will be include my sitemap.xml right. Is Google Web Console can’t read my site’s sitemap again if I activate the PDA plugin? Many thanks for the answer

I need the files on my site, such as PDF documents, etc., to only be accessible by the corresponding users limiting its access because currently with only the URL of the file it can be accessed from any browser, whether logged in or not. This also includes that the URL that WordPress gives you for the file is also protected. Would this plugin meet the needs I have?

I have “Set File Access Permission Select user roles who can access protected files through their file URLs.” to admins only, but I can open another browser where admin is not logged in and still go directly to an image.

Is it possible to protect the ENTIRE uploads directory and not just image-by-image?

Hello,

When the setting “Restrict Media Library Access” is enabled, all URLs in front are redirected to the 404 page for any logged-in users with a role different than administrator and who are not the author of the post.

If I understand well this setting, it should be applied only to attachements in the Media admin menu, not all post types (particularly in front-office) ?

If so, it seems to me that the function hide_posts_media_by_other should test the current post type and/or the $pagenow variable before adding the author in the query.

Hello,

How to translate the message “right-click is disabled” that is displayed when we right click on a content into an other language ? I’ve tried Loco translate but didn’t find the text.

Thanks for help, David.