Protecting your securepdfs folder under nginx

For users of our Premium Secure plugin.

If your web server is using the ngnix software at its heart (most WordPress installations run under Apache instead), then you will probably need to take extra steps to secure your securepdfs folder so that the Premium Secure plugin can do its job fully.

For example, if your shortcodes show something like this:

[pdf-embedder url="https://mysite.com/wp-content/uploads/securepdfs/2015/01/Plan-Summary.pdf"]

try entering the url in your web browser directly. You should not be allowed to download the PDF directly.

Your web host should be able to help protect the securepdfs folder from direct access. An example configuration is as follows:


location ~ ^/(wp-content/uploads/securepdfs) {
allow 127.0.0.1;
deny all;
proxy_pass http://127.0.0.1:6776;
}

Top