Pantheon does not support .htaccess
redirects nor nginx.conf
modifications. Its Global CDN caches all static assets including images, PDFs, ZIP files as well as those protected by our Prevent Direct Access (PDA) Gold.
Fortunately, there is a way to redirect protected files making sure they’re accessible only to those with permission.
In order for our PDA Gold to work properly, you should:
- Stack Cloudflare on top of Pantheon’s Global CDN
- Set up Cloudflare Page Rules
- Enable our Raw URL options
Set up Cloudflare Page Rules to redirect protected files
Once setting up Cloudflare CDN stacked on top of Pantheon’s, go to “Page Rules” under Cloudflare admin dashboard and create a new Page Rule as follows:
- Match this rule:
https://your-website.com/wp-content/uploads/_pda/* - With these settings
- Forwarding URL – Select 301 or 302 for permanent or temporary redirect
- Input your No Access page, e.g. https://your-website.com/404
- Click “Save and Deploy” this page rule.
Once done, direct access to your protected file URL is blocked and redirected to your selected no access page.
https://pda.com/wp-content/uploads/_pda/2020/01/ToDo-List.pdf
Finally, enable our Raw URLs and protect files as usual. Your private files are now protected against everyone but your authorized users.