Leave a Reply

1 comment

  1. This is not quite trivial, because natively WP is engineered to completely ignore requests to existing files. So WP doesn’t pay attention to files and .htaccess doesn’t have access to WP’s logged in information.

    If you look for prior art (in plugins for selling digital files for example) this isn’t easily (at all?) doable with direct links. Typically special download links are created and processed by plugins to serve files while masking it’s true name/location (which should be restricted from direct access or not in web accessible folder at all).