Prevent Direct Access (PDA) offers a simple solution to protect your WordPress files as well as prevent Google, other search engines and unwanted users from indexing and stealing your hard-to-produce ebooks, documents, and videos.
We’ve created an intuitive user interface directly in your Media Library. It’s simple and easy to use. You’ll be able to protect your private files in no time.
An Inside Look at Prevent Direct Access (PDA) Gold
Our PDA Lite version offers the following features:
Protect Unlimited WordPress Media Library File Uploads
Prevent Direct Access is designed to protect all your WordPress media files such as images (PNG, JPEG), documents (PDF, DOCX, PPTX), audios, and videos (MP4, MP3) that you upload to your website under Media Library or via Media, Pages or Posts.
Once protected, only admin users and the file’s author can access them directly. Unwanted users will be redirected to your 404 not found page when attempting to read and download these file URLs.
You can protect unlimited file uploads with our PDA Lite alone.
Customize “No Access” Page
Instead of redirecting unauthorized users to the 404 page, you can show them a custom page, e.g registration or login page. Users will have to log into your site in order to access these protected files.
Auto-generate Private URLs
Once a WordPress file is protected, Prevent Direct Access will automatically generate a private download link containing a random string for you to access or share this private file with others.
You can then copy that private download link to clipboard and subsequently paste it on your browsers and/or email by clicking on the Copy URL button.
Restrict Access based on IP Addresses
Private Download Links can be accessed by anyone who knows the exact URL. You have an option to block unwanted IP addresses from accessing your private links. You can also expire them automatically by clicks or time with our PDA Gold version.
Block Google from Indexing your Files
Prevent Direct Access (PDA) explicitly tells Google and other search engines not to index any of your protected files so that their content and original URLs will never appear on the search results.
Prevent Image Hotlinking
Our plugin also stops others from stealing and using your images on their website by linking them directly from your website, which could slow down your website significantly.
Protect WordPress Uploads Directory
The wp-content/uploads folder where all your uploaded images and files are stored will also be protected. No one will be able to see and browse the content on that folder anymore.
Disable Copy and Right Click
Our plugin provides you with an option to disable text selection and right-click on all your web pages to prevent content theft.
Restrict Media Library Access
Instead of allowing users to view all file uploads in Media Library, you can restrict users to view their own ones only.
We also provide a premium Folder Protection feature that allows you to protect all files inside the private folder with just one-click.
Once you have installed the plugin, click Activate
Go to Media to protect your files. Prevent Direct Access works best on List View.
There’s an extra column called "Prevent Direct Access" auto-generated by our plugin. Click on "Configure file protection" and start protecting your private file.
Click on "Protect this file" button to make the file private.
The file is now "protected". Its File Access Permission is set to "The file's author", which means it's accessible to the file's author only. Other users are able to access your protected file using a private download link.
You can also protect your file under Media Grid View.
There’s an extra “Prevent Direct Access” option generated by our plugin under Attachment Details. Check the “Protect this file” box to protect your file.
Once your file is protected, it’ll have a red border.
Why do I get this “Plugin could not be activated because it triggered a fatal error”?
It’s likely that you’re using an outdated version of PHP. Please check and upgrade the PHP version on your server to 5.6 or greater.
In fact, WordPress itself even recommends your host supports PHP version 7.2 or greater for security purposes.
Why nothing happens after I activate the plugin?
Prevent Direct Access supports websites hosted on Apache servers out of the box.
In case you’re using WP Engine or other NGINX servers, please check out this instruction on how to update the server configuration for our plugin (Both Lite and Gold version) to work as expected.
In case you’re using Internet Information Services (IIS) web server, please check out this instruction on how to update the server configuration for our plugin (Both Lite and Gold version) to work as expected.
Why do I see a warning message on top after activating the plugin?
The plugin needs to add some mod_rewrite rules to your website .htaccess file (located on your website root folder) to prevent direct access to your files on the server.
So it’s likely that your .htaccess is not writable (with at least 644 permissions; whose owner must be also accessible by your apache server such as www-data). If that’s the case, you must either make it writable or manually update your .htaccess with the mod_rewrite rules found under Settings > Permalinks.
How many files can I protect?
Since PDA Lite version 2.7.7, you can protect unlimited files under your Media Library.
Why can’t I use the plugin in multisite mode?
The Lite version of this plugin only supports Apache, Nginx, and IIS single sites. Multisite mode is supported in our Gold version with the PDA Multisite extension installed.