Unauthorized downloads on NGINX

  • Resolved redkite

    (@redkite)


    3 years, 10 months ago

    We’re seeing this error and still having non-members downloading files AFTER adding the code below to NGINX conf:

    ‘Because your server is running on nginx, our .htaccess file can’t protect your downloads.
    Please add the following rules to your nginx config to disable direct file access:

    location /wp-content/uploads/dlm_uploads {
    deny all;
    return 403;
    }’

Viewing 4 replies - 1 through 4 (of 4 total)
  • Thread Starter redkite

    (@redkite)

    I can confirm that the rules are in place and that no other plugin is conflicting with Download Monitor. It’s also not a theme conflict issue.

    Downloads were working correctly until the client first noticed the problem on Jan. 22. The site has been on NGINX for several years and never had this problem with non-member downloads until this month.

    Do you have any suggestions?

    Plugin Author Razvan Aldea

    (@raldea89)

    Hello @redkite and sorry for this late reply.

    Just tested on a local installation, with Members only option set for the download and in incognito mode but it seems it doesn’t allow me to download the file used.
    Could you be kind and give me more info so I can make a more thorough test , like:
    – WP Version
    – Download Monitor version
    – Active theme
    – Active plugins
    – PHP version
    – Browser

    Kind Regards!
    Razvan

    Thread Starter redkite

    (@redkite)

    The client decided to replace the plugin since we couldn’t resolve this on our own.

    Plugin Author Razvan Aldea

    (@raldea89)

    @redkite thank you for you reply. I am sorry that our plugin did not fulfill your needs but I am glad that you found a way to do so.

    Have a great day!
    Razvan

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Unauthorized downloads on NGINX’ is closed to new replies.

Tags