logged in users blocked

Hi @it-hertz,

Thanks for reaching out to us.

Just to clarify, our PDA plugins only protect files against direct access. We do not restrict access to your pages.

Our PDA plugins are also compatible with Ultimate Member plugin. We even use that plugin on our testing sites.

So at first glance, there could be a conflict somewhere. To assist you better, could you please provide us with the following information?

1. A screencast of the issue you’re facing
2. Some screenshots showing your file protection configuration
3. Your site URL and a sample logged-in account for us to double-check

You might also want to send these details to our support email – hello(at)preventdirectaccess.com so that our team can support you faster, @it-hertz.

Hi @it-hertz,

Hope you’re doing well as usual.

We haven’t heard back from you for a while now. So we’d like to follow up wondering if we can be of any further assistance.

Have you managed to get the issue resolved yet, @it-hertz?

Please reply to this support thread or drop us an email at hello(at)preventdirectaccess.com so that we can assist you further.

Awaiting your reply.

Hello,

I did some additional testing just now with your plugin being the ONLY one activated and with various themes, including vanilla ones like Twenty Twenty.
I set 3 PDFs and no other files to be protected via your plugin.

The problem is Restrict Media Library Access.

When that option is disabled, the site works normally for all logged-in users, regardless of roles and permissions/capabilities, and all non-logged-in users. This is the case regardless of which other options in your plugin are enabled or disabled.

When I then enable Restrict Media Library Access, only the Administrator can view the site normally. For all other logged-in users, regardless of roles and permissions, all pages of the site throw a 404 and the main nav bar gets deleted! Yet, non-logged-in users can see and use the site normally.

I don’t have any external redirect rules or anything else in functions.php that would be causing a conflict with your plugin.

This is my .htaccess with no other plugin but yours activated and per above tests (all options with and w/o Restrict Media Library Access enabled; same .htaccess with both conditions):

# BEGIN WordPress
# The directives (lines) between "BEGIN WordPress" and "END WordPress" are
# dynamically generated, and should only be modified via WordPress filters.
# Any changes to the directives between these markers will be overwritten.
# Prevent Direct Access Rewrite Rules
RewriteRule private/([a-zA-Z0-9]+)$ index.php?pda_v3_pf=$1 [L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit/[0-9]
RewriteCond %{HTTP_USER_AGENT} !Twitterbot/[0-9]
RewriteCond %{HTTP_USER_AGENT} !Googlebot/[0-9]
RewriteRule wp-content/uploads/_pda(\/[A-Za-z0-9_@.\/&+-]+)+\.([A-Za-z0-9_@.\/&+-]+)$ index.php?pda_v3_pf=$1&is_direct_access=true&file_type=$2 [QSA,L]
# Prevent Direct Access Rewrite Rules End
# Prevent Direct Access Prevent Hotlinking Rules
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https://mystagingsite.com/ [NC]
RewriteRule \.(gif|jpg|jpeg|bmp|zip|rar|mp3|flv|swf|xml|png|css|pdf)$ - [F]
# Prevent Direct Access Prevent Hotlinking Rules End

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
</IfModule>
Options -Indexes

# END WordPress
php_value upload_max_filesize 64M
php_value post_max_size 128M
php_value memory_limit 256M
php_value max_execution_time 300
php_value max_input_time 300

This issue was also occurring before I increased the upload file size limit, which I did after uninstalling your plugin, before reinstalling just for the above tests.

Hope this helps.

• This reply was modified 2 years, 3 months ago by IT Hertz.

Hi @it-hertz,

Thanks for your detailed reply.

We installed the Restrict Media Library Access on our testing site but haven’t been able to reproduce the issue yet.

Anyway, its main function, i.e. restricting media file access to file authors only, is available in our PDA Lite plugin.

So you do not need to use that plugin, which seems to be abandoned by its authors.

As for the issue when protected files are accessible, it could be something to do with caching issues or your server configurations.

Could you please move our rewrite rules to below this line RewriteRule ^index\.php$ - [L] and see if it works?

Otherwise, please provide us with the following information so that we can advise you better:

1. Both protected and private URLs of a sample protected file
2. Caching plugins, server cache, or CDN you’re using
3. Your hosting provider

You might also want to send these details to our support email – hello(at)preventdirectaccess.com so that our team can support you faster.

We installed the Restrict Media Library Access on our testing site but haven’t been able to reproduce the issue yet.

Anyway, its main function, i.e. restricting media file access to file authors only, is available in our PDA Lite plugin.

So you do not need to use that plugin, which seems to be abandoned by its authors.

I was referring to your plugin with that option enabled. I had never installed the other plugin you mentioned.

Could you please move our rewrite rules to below this line RewriteRule ^index\.php$ – [L] and see if it works?

I’ll try that and get back to you with results.

Hi @it-hertz,

How are you today?

We’d like to follow up with you and see how things are going.

Have you successfully protected your files yet?

Is there anything else that we can do to help?

Let us know.