Prevent Direct Access

Description

Prevent Direct Access is a simple way to prevent search engines and the public from indexing and accessing your files without complex user authentication.

This plugin offers the following features:

Protect Up to 3 Uploaded Files

Prevent Direct Access is designed to protect your media files such as images, pdf and videos that you upload via your WordPress Media, Pages or Posts.

Once protected, they cannot be accessed directly on the server. Unwanted users will be redirected to your 404 not found page if they attempt to read and download these files.

Auto-generate Private URLs

Once a file is protected, the plugin will automatically generate a Private URL (link) containing random strings for you to access the file. This private URL is the ONLY way to access the protected file.

You can then copy that private URL to clipboard and subsequently paste it on your browsers and/or email by clicking on the “Copy URL” button.

Protect Your Uploads Directory

The wp-content/uploads folder where all your uploaded images and files are stored will also be protected. No one will be able to see and browse the content on that folder anymore.

Gold Version

Our Gold version offers more advanced features:

  • Create multiple Private URLs per file
  • Customize your own Private URLs
  • Track the number of clicks on each Private URL
  • Protect multiple files at one-click and many other premium features

Check out our plugin’s Premium version here.

If you need any help with the plugin or want to request new features, feel free to contact us through this form or drop us an email at hello@buildwps.com

Screenshots

  • Once you have installed the plugin, please click “Activate”
  • Go to media to protect your files
  • Choose “List View” mode for the plugin’s options to show
  • You will notice there’s an extra column called “ Prevent Direct Access” generated by our plugin. Simply check the box next to the file that you want to protect to prevent others from accessing to it.
  • Once you check the box, the plugin will automatically generate a private URL. Click “Copy URL” to copy it to clipboard.
  • If you want to unprotect your files, simply uncheck the box again.
  • As the free version of this plugin offers protection to up to 3 files only, an error message will be displayed when you try to protect more than 3 files. Contact us at hello@buildwps.com for the premium version, which offer unlimited protected files and other premium features.

Installation

There are 2 easy ways to install our plugin:

1.The standard way

  • In your Admin, go to menu Plugins > Add

  • Search for “Prevent Direct Access”

  • Click to install

  • Activate the plugin

  • Protect your files under Media list view

2.The nerdy way

  • Download the plugin (.zip file) on the right column of this page

  • In your Admin, go to menu Plugins > Add

  • Select the tab “Upload”

  • Upload the .zip file you just downloaded

  • Activate the plugin

  • Protect your files under Media list view

FAQ

Installation Instructions

There are 2 easy ways to install our plugin:

1.The standard way

  • In your Admin, go to menu Plugins > Add

  • Search for “Prevent Direct Access”

  • Click to install

  • Activate the plugin

  • Protect your files under Media list view

2.The nerdy way

  • Download the plugin (.zip file) on the right column of this page

  • In your Admin, go to menu Plugins > Add

  • Select the tab “Upload”

  • Upload the .zip file you just downloaded

  • Activate the plugin

  • Protect your files under Media list view

Why nothing happens after I activate the plugin?

The plugin only supports Apache HTTP Server (“httpd”) at the moment. So if you’re not using it, you may consider switching to httpd as it has been the most popular web server on the Internet since April 1996.

Please check out this instruction of how you can use our plugin (both Free & Premium version) on websites hosted on WP Engine who utilizes Nginx web server.

Why do I see a warning message on top after activating the plugin?

The plugin needs to add some mod_rewrite rules to your website’s .htaccess file (located on your website root folder) to prevents direct access to your files on the server.

So it’s likely that your .htaccess is not writable (with at least 644 permission; whose owner must be also accessable by your apache server such as www-data). If that’s the case, you must either make it writable or manually update your .htaccess with the mod_rewrite rules found under Settings > Permalinks.

Why do I see the popup box that says I can protect only 3 files?

The free version of this plugin offers protection up to 3 files only. Please check out our Gold version which offer unlimited protected files and other premium features.

More documentation can be found in our FAQ.

Reviews

Surprisingly Simple

The plugin’s idea is so simple yet necessary that I thought it should be included in WordPress by default. It works perfectly! Purchased the Pro.

Would not install.

Plugin could not be activated because it triggered a fatal error.

Parse error: syntax error, unexpected ‘[‘ in /????/????/public_html/wp-content/plugins/prevent-direct-access/prevent-direct-access.php on line 139

Does the job

Works well. It’s a very simple plugin but if you don’t need something more elaborate, it will do the job.

Read all 5 reviews

Contributors & Developers

“Prevent Direct Access” is open source software. The following people have contributed to this plugin.

Contributors

Changelog

2.3.2 Wed, November 15, 2017

  • Fix wp::prepare warning messages when using in WordPress version 4.8.3.

2.3.1: Sat, November 4, 2017

  • Add warning messages when users are using deprecated wp api plugin.

2.3: Thu, August 17, 2017

  • Protect files from search engine’s index

2.2: Wed, June 14, 2017

  • Add settings page

2.1.5: Thu, June 1, 2017

  • Notify users to upgrade to Gold version
  • Update plugin’s data after users remove media files

2.1.4: Mon, May 22, 2017

  • Change the way to get non-protected URL
  • Redirect to default 404 page if the file is protected
  • Support websites hosted on WP Engine

2.1.3: February 25, 2017

  • Tweak: Change the plugin’s logic to cater for those files that couldn’t be found in the _postmeta table

2.1.2

  • Fix Twitter, Googleplus and Facebook open graph issue

2.1.1

  • Fix .htaccess rules to recognize the special characters
  • Find in _postmeta table in case of cropped images via wordpress

TODO

  • Support nginx server