Files still accessible
-
For some reason this plugin isn’t working for me. I downloaded the plugin, installed it and set some media files to “Logged-in users” within the Media Vault Protection Settings but if I email a link of the File URL to someone and they click on the link BAM! it opens right up even though they aren’t logged in. What am I doing wrong?
-
Hey,
Have you tried disabling the other plugins and perhaps switching to a default theme to see if that solves your problem. Remember to backup any data you might lose when doing this.
Can you verify that the files are correctly being served from the Media Vault protected folder (ie: does the url contain a directory like ../_mediavault/..)
Can you verify that the Media Vault rewrite rules are present in your site’s .htaccess file (they begin with
# Media Vault Rewrite Rules
and end with# Media Vault Rewrite Rules End
).Can you provide a link to some dummy content that is supposed to be protected but nevertheless is not?
Thanks, hope I can help
Thanks for getting back to me. Yes, the files are being served from subfolders (Year and Month) in the mediavault folder. I’m assuming the Media Vault installation moved them there since they were simply in the Uploads folder before. I’m using the Twenty Twelve theme. I’ve searched thru the WordPress folder and can’t find an .htaccess file. Maybe that’s the issue. Where should I find that file?
.htaccess is an Apache thing, so first you need to make sure that you’re on an Apache server. Then the file should be in the root folder of your site. Are you using FTP to view the files? You may need to enable showing hidden files to view it.
Sorry for the delay. I’m running WordPress on a Synology NAS. I don’t think I currently have an .htaccess file. Can I simply create one somehow and reinstall the plugin and it work?
Sorry if these are remedial questions but I’m a newbie at this WordPress thing and I’m using it to create an FAQ site for our small company. Our Synology NAS came with WordPress as an application that we can install and create sites on our NAS.
Hey, sorry for my delay as well!
I am not familiar with the Synology NAS so I am going to ask a different question: Do you have the latest Media Vault version? and Did Media Vault require you to go through “extra activation steps” to activate it?
Currently Media Vault is set-up to work out of the box with Apache servers, if your NAS is running something else like Windows ISS server or NGINX or whatever, then the plugin requires some manual work to complete the activation. This is not to say the plugin cannot work with these setups just that it is not built to do so automatically in the current version.
The plugin shows version 0.8.8. It didn’t require “extra activation steps”.
That should mean that your WordPress installation is running on an Apache server, so I would say try adding the .htaccess file like you said in the root folder of your WordPress installation, that’s usually the directory containing your wp-config.php file. Are you using Pretty Permalinks on your FAQ website? I hope this helps!
Hi Max, thanks also for sharing your plugin. I am experiencing the same problem above – protected files are still accessible via a direct URL even though users are not logged in. In my situation:
- I am using a child theme of twentythirteen
- I am trying to protect PDF files
- files are being served from the Media Vault protected folder e.g.
sitename/wordpress/wp-content/uploads/_mediavault/2014/02/filename.pdf
- the Media Vault rewrite rules are present in the .htaccess file
- I am using pretty permalinks
Note: I do have an additional .htaccess file in my theme’s directory – this is the one provided with HTML5 Boilerplate v4.3.0. Could this be causing the issue?
Please let me know what I can do to fix this. Many thanks.
Was this issue ever resolved? I am experiencing a similar issue. Thank you.
I was just experiencing a similar issue. Looking at my .htaccess file this is what I had:
# Media Vault Rewrite Rules RewriteRule ^assets(/_mediavault/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L] RewriteCond %{QUERY_STRING} ^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$ RewriteRule ^assets(/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L] # Media Vault Rewrite Rules End
Investigating the assets directory I noticed the file that should have been protected didn’t even exist there. It was in the wp-content/uploads/ directory.
What solved my problem was simply deactivating and reactivating the plugin. My .htaccess file was updated and files are protected as expected.
# Media Vault Rewrite Rules RewriteRule ^wp-content/uploads(/_mediavault/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L] RewriteCond %{QUERY_STRING} ^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$ RewriteRule ^wp-content/uploads(/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L] # Media Vault Rewrite Rules End
The Last ^^ Post Resolve the Problem, Mark [resolved] Please
Didn’t fix PDF protect for me.
First time install. Didn’t work/fix for me either, direct links not protected. Would really like this plug-in to work…
Files are being served from the Media Vault protected folder e.g. sitename/wordpress/wp-content/uploads/_mediavault/2014/02/filename.pdf
The Media Vault rewrite rules are present in the .htaccess file
I am using pretty permalinks
Running on WordPress 3.9.1I found a fix for my issue, at least for file types other than PDF files. I’ve installed wordpress in another directory, lets say /core, and so I edited the .htaccess to reflect in the code then, like:
# Media Vault Rewrite Rules RewriteRule ^core/wp-content/uploads(/_mediavault/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L] RewriteCond %{QUERY_STRING} ^(?:.*&)?mgjp_mv_download=safeforce(?:&.*)?$ RewriteRule ^core/wp-content/uploads(/.*\.\w+)$ index.php?mgjp_mv_file=$1 [QSA,L] # Media Vault Rewrite Rules End
That fixed my issue with direct download links, hope that helps some of you if you have your WordPress installed in an extra folder.
I don’t know why PDF files are still not being protected, while other file types are….? If you are only testing with PDF, try testing with jpg or some other file type as well.Got it working with pdf files now… I’m not sure, I played around with adding
AddType application/pdf .pdf
to .htaccess. Tt still works even when I remove that code. Don’t really know what happened, I just googled and stabbed in the dark but it’s working! Got the idea from this thread
Thanks for this plugin! I’ll test out some more before I give a review.
- The topic ‘Files still accessible’ is closed to new replies.