2
votes

For my WordPress site, I currently force all users to log in to view any page or post. For example, anyone going to www.mywebsite.com or www.mywebsite.com/a-wordpress-page/ will have to sign in in order to view it.

However, anyone can currently forcefully browse to any file uploaded in the Media Library without needing to log in. For example, anyone can go to www.mywebsite.com/wp-content/uploads/2013/10/myfile.jpg without needing to log in. I want to redirect them to the login screen if possible.

Is it possible to protect this URL? What is the best solution for this? Thanks in advance.

Some things I've tried but they didn't really work...

1

1 Answer

0
votes

Include a .htaccess file in /wp-content/uploads that contains these conditions:

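    RewriteEngine On
    # Apply only to requests whose file name ends in one of these extensions
    RewriteCond %{REQUEST_FILENAME} ^.*\.(mp3|m4a|jpeg|jpg|gif|png|bmp|pdf|doc|docx|ppt|pptx)$ [NC]
    # ...and that carry no wordpress_logged_in cookie
    RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
    RewriteRule . - [R=403,L]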

This checks if the user is logged in or not. If not, it produces a 403 error. It can also be rewritten to direct the user to the login page.
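
The cookie condition in the rules above tests only that a cookie with that name is present; it does not verify the session. As an added example (not code from the answer), the script below routes upload requests through WordPress itself, so the login is validated and logged-out visitors are redirected to the login screen. The file name `uploads-gate.php`, its location in the WordPress root of a site installed at `/`, and the rewrite rule in its header comment are assumptions.

```php
<?php
/**
 * uploads-gate.php (hypothetical name), placed in the WordPress root.
 * Added example, not code from the answer above.
 *
 * Assumed /wp-content/uploads/.htaccess that sends every upload request here
 * (no QSA flag, so a client-supplied ?file= cannot override the rewritten one):
 *   RewriteEngine On
 *   RewriteCond %{REQUEST_FILENAME} -f
 *   RewriteRule ^(.*)$ /uploads-gate.php?file=$1 [L]
 */

// Boot WordPress so the login cookie is verified, not merely detected.
require_once __DIR__ . '/wp-load.php';

if ( ! is_user_logged_in() ) {
    // Redirects to wp-login.php with redirect_to set to the originally
    // requested URL, then exits.
    auth_redirect();
}

$uploads   = wp_upload_dir();
$base      = realpath( $uploads['basedir'] );
$requested = isset( $_GET['file'] ) ? (string) $_GET['file'] : '';
$path      = realpath( $base . DIRECTORY_SEPARATOR . $requested );

// realpath() resolves ../ and symlinks; the resolved path must still be
// a regular file inside the uploads directory.
if ( false === $base || false === $path
    || 0 !== strpos( $path, $base . DIRECTORY_SEPARATOR )
    || ! is_file( $path ) ) {
    status_header( 404 );
    exit;
}

// Use WordPress's extension-to-MIME map; fall back to a generic download type.
$type = wp_check_filetype( $path );
$mime = $type['type'] ? $type['type'] : 'application/octet-stream';

header( 'Content-Type: ' . $mime );
header( 'Content-Length: ' . filesize( $path ) );
header( 'X-Content-Type-Options: nosniff' );
header( 'Cache-Control: private, no-store' );
readfile( $path );
exit;
```

Every media request now loads WordPress, so this trades static-file performance for an enforced login check.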