WordPress File Manager Plugin (CMDM) - Troubleshooting - Protecting The Upload Directory With a .htaccess File

Protecting the upload directory with .htaccess file

Back to User Guides

This is an advanced topic for setting up the WordPress File Manager plugin. If you are not comfortable editing the file, please contact your server administrator or web host.

The uploaded files are stored in the default WordPress' directory: wp-content/uploads/cmdm. 

If you want to protect those files from sniffing by web robots and you're using Apache HTTP Server you can create a .htaccess file in the uploads/cmdm directory that will tell your server to not serve those files.

Notice: .htaccess file works only on Apache HTTP Server.

.htaccess source

Order Deny,Allow
Deny from all
<FilesMatch "\.(?i:jpg|jpeg|png|gif|webp)$">
    Allow from all

By using the FIlesMatch section you can specify which files extensions will be still available through the web browser, if you need to provide a preview or a player on the download page. 

Add your own extensions (pdf|doc|docx) if you want to preview those files.

WordPress Client Zone Troubleshooting

When you use the WordPress Client Zone add-on, fixing .htaccess file can also solve problems with the preview option and the option that shows the list of files in the download (in case, if you use these options). You just need to add needed file extensions to the regexp (pdf|doc|docx).

'Show Preview' and 'More...' buttons - Customer Portal WordPress
'Show Preview' and 'More...' buttons

More information about the WordPress File Manager Plugin

Other WordPress products can be found at CreativeMinds WordPress Store

Let us know how we can Improve this Product Documentation Page

To open a Support Ticket visit our support center
Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.