Protecting files on Kinsta
By default, Easy Digital Downloads will protect download files inside of the wp-content/uploads/edd/ folder with a .htaccess, but this will only work if your site is running on Apache. If your site is running on NGINX, as KInsta uses, the download files will not be protected and will be able to be downloaded by anyone. This doc will walk you through protecting the download files by adding a custom redirect rule to your site's configuration.
To properly protect the files on NGINX, you will need to register a redirect in your site admin area of your Kinsta site.