Flywheel uses NGINX webserver to serve up static files. NGINX also acts as a reverse proxy to PHP processes as well as handles all of the rewrite rules that serve your WordPress sites up.
There are 2 ways to make our Prevent Direct Access Gold (PDA) work perfectly with Flywheel hosting:
Flywheel Cloud Platform Bug
There is some cookie issue with their Cloud platform as confirmed with Flywheel Support below. So please ask to them switch your site back to their Legacy server for our plugin to work properly.
The issue with the cookies being stripped on images does appear to be a bug on our cloud platform. We don’t have a timeline on a resolution for this, and it can take some time for our engineers to pinpoint the exact cause and push out a fix. We’ve added this to the bug report as another case for them to review.
In the meantime, the best option would be to move your site back to legacy server where it works.
Implement Our NGINX Rewrite Rules
This is a recommended method to keep pretty permalinks for your file URLs. You’ll just need to open a support ticket. Flywheel customer support will translate our .htaccess rewrite rules into Ngnix and implement them for you.
In case you’ve customized your “private” links or WordPress folder structure, you will need to update the following text in red accordingly.
rewrite wp-content/uploads(/_pda/.*\.\w+)$ "/index.php?pda_v3_pf=$1" last; rewrite private/([a-zA-Z0-9-_]+)$ "/index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy" last;
Use Raw URLs
Using our Raw URLs provides a quick and dirty, albeit not recommended, solution.
- Enable our Raw URLs option
- Access to your website server using SSH or SFTP
- Go to our
_pdafolder located under
- Create a .htaccess file inside the
_pdafolder with the following rules
Order deny, allow Deny from all
- Go to our
That’s all you have to do. Now, all your files should be protected correctly with our PDA Gold.