Prevent Direct Access (PDA) Gold and its extensions are compatible with 96.9% of web hosts out there, includes:
In particular, PDA Gold works out of the box with almost all hosts running on Apache server – without any extra setup or complex configuration.
However, due to some specific set up of certain hosting platforms, there are some considerations and configurations listed below.
If you come across a hosting company that doesn’t recommend PDA Gold, please let us know so that we can contact and work them directly to make their hosting servers compatible with our PDA Gold.
Note: While we’re trying our best to list all hosts that we or our customers have installed and used our plugin on below, it’s by no means a comprehensive list of compatible hosts. If your web hosting is not listed here, it doesn’t mean their hosting is not compatible with PDA Gold. In fact, it actually means PDA Gold works just great on their hosting servers. So there is nothing that you should take note of them here.
InMotion Hosting comes with a WordPress-optimized server which utilizes Nginx as a reverse proxy in front of Apache. They provide you with a Cache Manager tool to manage the cached resources.
However, there is a bug in their Cache Manager’s Bypass URL setting that stops our PDA Gold from working properly.
We have contacted InMotion both directly and on behalf of our customers. Here’s a reply from their chat support in quotes:
Thanks for holding. There is a way that can be done, however we in Support wouldn’t be able to advise you how to do that. You would need to speakk with the Managed Hosting Team. They would be able to advise you and/or configure that for you. Unfortunately its outside of the scope of support for the standard Support team. I’m sorry
You can email them at [email protected]
I wouldn’t be able to email them for you I’m sorry. You would have to email them directly
That’s not helpful at all but we did follow up and contact their so-called “advanced support”. So did our customer. However, we haven’t got a reply, let alone a solution to this issue.
Overall, we find InMotion support (both live chat, ticketing system, and email support) very disappointing. They either keep pushing the responsibility to someone else or just stay silent. It usually took them 3-4 working days just to reply to a simple email. In short, we would not recommend InMotion Hosting to our customers at all.
- Disable Cache Manager tools on InMotion Hosting OR
- Enable our Raw URLs OR
- Simply change to a better hosting provider such as SiteGround or Bluehost
There is a known issue with SiteGround static and dynamic (which requires the static cache to be enabled) cache. Our team has confirmed with SiteGround support and they have also acknowledged that:
- Protected files including documents and images will always be cached immediately upon access from an authorized WordPress user. As a result, they will then be accessible to all of your visitors, which stops our File Access Permission from working properly.
- Static content such as documents and images cannot be excluded via the Dynamic cache exclude feature (SG Optimizer plugin). This feature allows you to exclude dynamic web pages only.
Solution: Since it’s a serious limitation from SiteGround affecting the file protection of our plugin, we recommend:
- Disable Dynamic (and Static) cache but keep SiteGround Memcache enabled still
- Install a good cache plugin such as WP Fastest Cache or WP Rocket
Our team is still working closely with SiteGround support to find a better solution to this problem. SiteGround support is awesome, by the way.
We’re using cookies to check our File Access Permission, i.e. whether the user is logged in or not. However, there are some cookies issues reported by our customers using GoDaddy. Cookies are sometimes striped or altered from the file requests, which leads to incorrect file protection.
Update: We have tweaked our codes for our functions to work properly with Go Daddy’s altered cookies. This cookies issue has been resolved since our PDA Gold version 3.1.0.
Godaddy’s Managed WordPress hosting also comes with a caching feature making use of Apache Traffic Server (ATS). While this speeds up your website’s load time, the server also caches all file requests coming from your website. As a consequence, your private files will be no longer protected by our plugin.
Solutions: simply enable our Raw URLs settings option before you protect any files. You should:
- Always use our raw URLs, e.g.
- Never use direct file URLs, e.g. http://godaddy-website.com/wp-content/uploads/_pda/2019/05/protected-file.pdf (2)
Your file URL is automatically changed to our raw URL once you’ve enabled our settings option.
Once a protected file direct URL (2) is accessed, i.e. by an admin, it’s cached by Godaddy’s cache server. So, anyone will be able to view it (without having to log in or have the right File Access Permission). In this case, you should clear (flush) the cache:
Our Raw URLs (1) won’t be cached by Go Daddy’s cache server.
According to our customer’s report, Pantheon.io do not allow Nginx rewrite rule customization. You have to enable our Raw URLs settings option for our plugin to work properly on your website.