How to make Prevent Direct Access work on Bitnami

Table of Contents

• Bitnami Apache
• Bitnami NGINX

Apache Server

By default, Bitnami disable .htaccess files for security and performance reasons. They move the configuration in these .htaccess to the main application configuration files instead. In case of WordPress, it’s the htaccess.conf file under /opt/bitnami/apps/wordpress/conf/ folder.

So here are 3 simple steps that what you can do to make our Prevent Direct Access Gold work on Bitnami:

1. Under your WordPress admin, go to Settings > Permalinks, copy the mod_rewrite rules at the bottom of the page which looks something like the following:
   

   For version 3.0 and above

   # Prevent Direct Access Rewrite Rules for version 3.x.x
RewriteRule ^private/([a-zA-Z0-9-_]+)$ index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy [L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit/[0-9]
RewriteCond %{HTTP_USER_AGENT} !Twitterbot/[0-9]
RewriteCond %{HTTP_USER_AGENT} !Googlebot/[0-9]
RewriteRule ^wp-content/uploads(/_pda/.*\.\w+)$ index.php?pda_v3_pf=$1 [L]
# Prevent Direct Access Rewrite Rules End

   For version 2.x.x.

   # Prevent Direct Access Rewrite Rules for version 2.x.x
RewriteRule private/([a-zA-Z0-9-_]+)(/auth-[a-zA-Z0-9-_]+){0,1}$ index.php?pre_dir_acc_61co625547=$1&custom_181191=$2 [L]
RewriteCond %{REQUEST_FILENAME} -s
RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit/[0-9]
RewriteCond %{HTTP_USER_AGENT} !Twitterbot/[0-9]
RewriteCond %{HTTP_USER_AGENT} !Googlebot/[0-9]
RewriteCond %{REQUEST_URI} !\.(?:css|js)$ [NC]
RewriteRule wp-content/uploads/(.+)(\.)([A-Za-z0-9]+)$ index.php?pre_dir_acc_61co625547=$1&is_direct_access=true&file_type=$3 [QSA,L]


2. Locate and open htaccess.conf file (create one if necessary)
3. Paste those codes on step 1 into that file
   <Directory /opt/bitnami/apps/wordpress/htdocs/>
/* put your mod_rewrite rules here */
</Directory>
4. Restart Apache
   Here you go! Our Prevent Direct Access Gold plugin should be working well on your website now.

NGINX Server

1. Copy the rewrite rules shown on Prevent Direct Access Gold Settings page
   
2. Find and open your Bitnami Nginx config file normally located at /opt/bitnami/nginx/conf/bitnami/bitnami.conf
3. Put it inside the server block. Here are entire codes:

   # HTTP server
   
   server {
       listen 80;
       server_name localhost;
   
       rewrite wp-content/uploads(/_pda/.*\.\w+)$ "/index.php?pda_v3_pf=$1" last;
       rewrite private/([a-zA-Z0-9-_]+)$ "/index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy" last;
       #include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
   
       include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
   }
   
   # HTTPS server
   
   server {
   
        listen 443 ssl;
        server_name localhost;
   
        ssl_certificate server.crt;
        ssl_certificate_key server.key;
   
        ssl_session_cache shared:SSL:1m;
        ssl_session_timeout 5m;
   
        ssl_ciphers HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers on;
   
        rewrite wp-content/uploads(/_pda/.*\.\w+)$ "/index.php?pda_v3_pf=$1" last;
        rewrite private/([a-zA-Z0-9-_]+)$ "/index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy" last;
        #include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf";
   
        include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf";
   }
   
   include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-vhosts.conf";

4. Restart your Nginx server:
   sudo /opt/bitnami/ctlscript.sh restart nginx
5. Go back to our PDA Gold settings page. Click on “Check rewrite rules” button.
   Our Prevent Direct Access Gold should be now working on your website.

PS: If you change your Private URL Prefix (on our Settings page), you need to replace the word private on the htaccess rewrite rules above accordingly.