Not protecting file URL
-
If I visit any page on my site I get redirected to my SSO login page. If I were to visit a file directly, I don’t have to authenticate. Example I can visit https://www.example.com/wp-content/uploads/2019/09/example.pdf without being authenticated with my identity provider.
Is there a setting I’m missing to protect the entire site, not just the URLs?
I’m using Onelogin SAML SSO version 3.0.0 and WordPress version 5.1.1.
- The topic ‘Not protecting file URL’ is closed to new replies.
