Table of Contents
Apache Server
By default, Bitnami disable .htaccess files for security and performance reasons. They move the configuration in these .htaccess to the main application configuration files instead. In case of WordPress, it’s the htaccess.conf file under /opt/bitnami/apps/your-wordpress-site-name/conf/ folder.
For compatibility purposes, you should not put the rules under httpd-app.conf file. Use the htaccess.conf file instead.
So here are 3 simple steps that what you can do to make our Prevent Direct Access Gold work on Bitnami Apache server:
- Under your WordPress admin, go to our PDA Gold
Settings>Helperswith the Debug log settings option enabled.Copy our rewrite rules at the bottom of the page which looks something like the following:
For version 3.0 and above
# Prevent Direct Access Rewrite Rules for version 3.x.x RewriteRule ^private/([a-zA-Z0-9-_]+)$ index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy [L] RewriteCond %{REQUEST_FILENAME} -s RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit/[0-9] RewriteCond %{HTTP_USER_AGENT} !Twitterbot/[0-9] RewriteCond %{HTTP_USER_AGENT} !Googlebot/[0-9] RewriteRule ^wp-content/uploads(/_pda/.*\.\w+)$ index.php?pda_v3_pf=$1 [L] # Prevent Direct Access Rewrite Rules EndFor version 2.x.x.
# Prevent Direct Access Rewrite Rules for version 2.x.x RewriteRule private/([a-zA-Z0-9-_]+)(/auth-[a-zA-Z0-9-_]+){0,1}$ index.php?pre_dir_acc_61co625547=$1&custom_181191=$2 [L] RewriteCond %{REQUEST_FILENAME} -s RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit/[0-9] RewriteCond %{HTTP_USER_AGENT} !Twitterbot/[0-9] RewriteCond %{HTTP_USER_AGENT} !Googlebot/[0-9] RewriteCond %{REQUEST_URI} !\.(?:css|js)$ [NC] RewriteRule wp-content/uploads/(.+)(\.)([A-Za-z0-9]+)$ index.php?pre_dir_acc_61co625547=$1&is_direct_access=true&file_type=$3 [QSA,L] - Locate and open
htaccess.conffile (create one if necessary) - Paste those codes on step 1 on top of the file
<Directory /opt/bitnami/apps/wordpress/htdocs/>
# Put your mod_rewrite rules here like this<IfModule rewrite_module> RewriteEngine On RewriteRule ^private/([a-zA-Z0-9-_.]+)$ index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy [L] RewriteCond %{HTTP_USER_AGENT} !facebookexternalhit/[0-9] RewriteCond %{HTTP_USER_AGENT} !Twitterbot/[0-9] RewriteCond %{HTTP_USER_AGENT} !Googlebot/[0-9] RewriteRule ^wp-content/uploads(/_pda/.*\.\w+)$ index.php?pda_v3_pf=$1 [QSA,L] </IfModule> </Directory> - Restart Apache using this script
sudo /opt/bitnami/ctlscript.sh restart apache
Here you go! Our Prevent Direct Access Gold plugin should be working well on your website now.
NGINX Server
- Copy the rewrite rules shown on Prevent Direct Access Gold Settings page
- Find and open your Bitnami Nginx config file normally located at
/opt/bitnami/nginx/conf/bitnami/bitnami.conf - Put it inside the server block. Here are entire codes:
# HTTP server server { listen 80; server_name localhost; rewrite wp-content/uploads(/_pda/.*\.\w+)$ "/index.php?pda_v3_pf=$1" last; rewrite private/([a-zA-Z0-9-_]+)$ "/index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy" last; #include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf"; include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf"; } # HTTPS server server { listen 443 ssl; server_name localhost; ssl_certificate server.crt; ssl_certificate_key server.key; ssl_session_cache shared:SSL:1m; ssl_session_timeout 5m; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; # put our rewrite rules here rewrite wp-content/uploads(/_pda/.*\.\w+)$ "/index.php?pda_v3_pf=$1" last; rewrite private/([a-zA-Z0-9-_]+)$ "/index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy" last; #include "/opt/bitnami/nginx/conf/bitnami/phpfastcgi.conf"; include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-prefix.conf"; } include "/opt/bitnami/nginx/conf/bitnami/bitnami-apps-vhosts.conf"; - Restart your Nginx server:
sudo /opt/bitnami/ctlscript.sh restart nginx - Go back to our PDA Gold settings page. Click on “Check rewrite rules” button.
Our Prevent Direct Access Gold should be now working on your website.
PS: If you change your Private URL Prefix (on our Settings page), you need to replace the word private on the htaccess rewrite rules above accordingly.
