How to make Prevent Direct Access work on WP Engine

By default, our plugin (both Free and Gold version) doesn’t work on websites hosted on WP Engine that utilize both Apache and Nginx web servers.

However, with these simple tweaks now you can use Prevent Direct Access (PDA) Gold on WP Engine.

PDA Gold Redirect Rules

  1. Log in to your WP Engine User Portal
  2. Select the environment name in which PDA Gold is installed 
  3. Select “Redirect Rules” and add “New redirect rule”
  4. You will need to create 2 redirect rules as below

Replace https://www.yourwebsite.com with your WordPress Site Address (URL) shown under Settings >> General from the admin dashboard.

For PDA Gold version 3.0 and above

Redirect name Rules for original links
Domain Choose your website domain
Source wp-content/uploads(/_pda/.*\.\w+)$
Destination https://www.yourwebsite.com/index.php?pda_v3_pf=$1
Redirect type* 301 Permanent

For WordPress Multisite Network

If you’re having a multisite network, you should use the following code for the Source* instead.

wp-content/uploads(?:/sites/[0-9]+)?(/_pda/.*\.\w+)$ 
Rules for original links
Redirect Rules for Prevent Direct Access original links

The following private link rules apply for both single and multisite networks.

If you change the Prefix for Private URL, you need to replace the word private in the Source* accordingly.

Redirect name Rules for private links
Domain Choose your website domain
Source private/([a-zA-Z0-9-_]+)$
Destination https://www.yourwebsite.com/index.php?pda_v3_pf=$1&pdav3_rexypo=ymerexy
Redirect type* 301 Permanent
Redirect Rules for Prevent Direct Access private links

For PDA Gold version 2.x.x

Redirect name Rules for original links
Domain Choose your website domain
Source wp-content/uploads/(.+)(\.)([A-Za-z0-9]+)$
Destination index.php?pre_dir_acc_61co625547=$1&is_direct_access=true&file_type=$3
Redirect type* 301 Permanent
Redirect name Rules for private links
Domain Choose your website domain
Source private/([a-zA-Z0-9-_]+)(/auth-[a-zA-Z0-9-_]+){0,1}$
Destination index.php?pre_dir_acc_61co625547=$1&custom_181191=$2
Redirect type* 301 Permanent

Folder Protection Redirect Rules

Please implement these redirect rules for our Folder Protection feature to work properly on WP Engine hosting. You must have our Access Restriction extension installed for this to work properly.

Logic & Limitations

As WP Engine doesn’t support RewriteRule Flags, all your private and original links will appear as “raw” anyway. However, if you implement these WP Engine redirect rules, you can use (and access) pretty URLs instead of raw ones. For example:

  • Raw (Ugly) URL: http://bwps.com/index.php?pda_v3_pf=/_pda/2018/09/ava-2.png
  • Pretty URL: http://bwps.com/wp-content/uploads/_pda/2018/09/ava-2.png

As a rule of thumb, please make sure you’re using the latest version of our plugin.

Feel free to contact us for support if you face any problems or have any questions.

Protect files hosted on LargeFS

LargeFS (Large Files System) is a WP Engine’s product that allows you to store large amounts of media and integrate it into WordPress. In other words, it’s an Amazon S3 based file storage.

By default, our PDA Gold plugin doesn’t recognize the files hosted on LargeFS bucket. There’ll be a popup that says “File does not exist” when you try to protect these media files.

To resolve this, you can exclude the /uploads/_pda folder from WP Engine’s LargeFS. This leaves protected files locally on the server and the PDA plugin will work as usual.

Logic & Limitations

Currently, protected images might be broken on WP Engine sites.

Temporary solution: Enable the “Keep raw URLs” option.

Lasted updated on June 9, 2021