First things first, please make sure:
- You’re on the latest version of WordPress
- You’re using the latest version of Prevent Direct Access:
Our plugin is updated frequently with bug patches, security updates, code improvements, and new features. It’s always best to be on the latest version of Prevent Direct Access.
- Clear your browser, hosting and plugin cache.
Basic Troubleshooting Steps
Please follow these 3 simple steps below to self-troubleshoot common file protection errors:
- Get a protected and private download URL
Protect your file and generate a private link of that file. You’ll have the following 2 links:
Protected URL: https://preventdirectaccess.com/wp-content/uploads/_pda/2019/09/sample-download.pdf
Private (download) URL: https://preventdirectaccess.com/private/592286af465e7
- Is our private URL working?
- Is your File Access Permission working on our protected URL?
If it’s not, there are a few potential issues:
- Implement these rewrite rules accordingly if you’re using Nginx, IIS or Nginx reverse-proxy in front of Apache.
- You’re using a CDN, i.e. CloudFlare or server caching. You need to exclude our protected folder, i.e. https://yourdomain.com/wp-content/uploads/_pda/, from your caching settings.
- There could also be cookies issue with some Cloud servers such as Flywheel and GoDaddy
How to determine the webserver I’m using?
There are two ways to detect which web server you’re using. The most common way is looking at the Response Headers. Here is how to do it:
Step 1: Open Develop tools (Ctrl+Shift+I) if you’re using Chrome or Inspector, (Ctrl+Shift+C) if you’re using Firefox
Step 2: Navigate to Network tab
Step 3: Refresh your website page to load the information
Step 4: See server information under Response Headers tab
You can also double-check this information through our Prevent Direct Access Gold > Status under the Admin Dashboard.
After activating our plugin successfully, navigate to Status sub-menu in the left panel. Click on “Status” and you will see all information about your server, including the server type under the Server Environment section.
If you get different results after trying these methods, like the images above, it may be because of Nginx reverse-proxy in front of Apache. In other words, all private links are working with Apache .htaccess configuration while the protected links are running through Nginx.
Why do I get 404 error when accessing private links?
It seems our custom rewrite rules are not inserted into your server configuration file properly. Please double-check it through our Helper tab.
Go to our PDA Gold Settings Page and turn Enable Debug Logs ON.
After saving changes, a new tab will appear. Under this tab, you will see the plugin status and be able to check our rewrite rules by clicking on the “Check rewrite rules” button. If there is anything wrong with these rules, please fix it as per our instruction tutorials.
Why can everyone still access my protected links without permission?
There are a few reasons for this:
- You’re using a caching plugin, server or CDN. Some web hosting servers support caching or CDN as a way to improve website performance. Your website doesn’t have to send requests to the server whenever a visitor accesses the content. And that also means visitors can still see protected files embedded in the content, even if you have changed the protection status.
- You’re using Nginx reverse-proxy in front of Apache. Nginx server works in a similar way as a caching server. Even though you can configure the htaccess file, Apache doesn’t handle your protected files. They actually run through Nginx reverse-proxy instead, and so, are cached there.
- Cookies are sometimes striped or altered from the file requests, which leads to wrong file access permission.
If you come across this issue, please check the compatibility of your web hosting server with our plugin and try to bypass the server cache. If it still doesn’t work, please consider using our RAW URLs with some limitations.
How to clear cache
- Caching speed up your WordPress site but may also cause issues with our plugin. Themepunch has a great tutorial on how to clear your hosting and plugin cache.
- This is a quick-and-dirty way to clear your browser cache:
- Press F12 to enable “Developer tools”
- Click on “Network” tab and check “Disable cache”
- There is another more in-depth tutorial on StackExchange on how to do a Cache Refresh in Google Chrome.
How can you help us help you faster?
In order for us to assist you better, please provide us these information & files when contacting us:
For Prevent Direct Access Gold Version 3.0
- Please enable “Debug logs” option under Prevent Direct Access settings page.
- Send us the latest debug logs (normal and fatal logs, if any) under Prevent Direct Access Gold > Status > Logs
For Prevent Direct Access Gold Version 2.0
- Please send us (a screenshot of) your htaccess files
- Put these lines on your wp-config.php
define( 'WP_DEBUG', true); define( 'WP_DEBUG_DISPLAY', true ); define( 'WP_DEBUG_LOG', true );
Send us your debug.log file located under your WordPress wp-content folder
- What hosting are you using?
- Does your hosting and/or website use any cache plugin?
- In case your protected files don’t work, please provide us a sample of both protected and private URL.
- Are all your protected files still accessible or the problem only happens to a certain file types (i.e. PDF) only?
.htaccess conflicts with Webp Express & WishList Member
Here’s how to resolve this:
- Go to our _pda folder located under
- Create and add this following codes on top of your .htaccess file
RewriteRule ^/?(.*\.\w+)$ index.php?pda_v3_pf=/_pda/$1 [QSA,L]