Folder Protection

Our Prevent Direct Access (PDA) Gold plugin provides an easy way to help you protect your private files. You can either protect individual or multiple files at the same time with WordPress Bulk Actions. Now you can even protect the entire folder, i.e. all files on that folder, with the new feature of PDA Access Restriction.

Unlike the file protection of PDA Gold where we move your all protected files into _pda directory, this folder protection method keeps all your file URLs as they are.

Without further ado, let’s get started with the action steps.


Under our PDA Gold settings, click on “Folder Protection” tab:

  1. Select folders which you want to protect
  2. Set file access permission for all files under these folders

1. Select folders

At the moment, we only support protection of main folders under wp-content/uploads.

Besides, only folders whose name includes alphanumerics, space and the special characters “-_” is accepted and displayed under the Select field. If you don’t see your folder under the Select filed, please make sure its name follows our plugin’s rule.

We also display the default WordPress media folders such as 2018 and 2019. So if you’re to choose those folders, it may cause UI conflicts with the file protection on Media library.

2. Set file access permission

This option allows you to set user roles who can access all the protected files under the selected folders. “Admin users” is the default option.

Click “Save changes” to finish.

Rewrite Rules for WP Engine

For our feature to work on WP Engine and Nginx servers, you have to implement these rewrite rules as follows.

Redirect name: Rules for folder protection
Source: ^wp-content/uploads(/(your-folder-name-1|your-folder-name-2)/.*\.\w+)$
Redirect type* 301 Permanent

Rewrite Rules for NGINX servers

rewrite wp-content/uploads(/(your-folder-1|your-folder-2)/.*\.\w+)$ "/index.php?pda_v3_pf=$1" last;

* “your-folder-name-1” and “your-folder-name-2” are folders you want to protect. Use | to separate each folder name.

Lasted updated on July 20, 2019