Skip to main content
Easy Digital Downloads Documentation
Documentation, Reference Materials, and Tutorials for Easy Digital Downloads
 Documentation Home  /  Common Questions  /  Download Files Not Protected on NGINX

Download Files Not Protected on NGINX

By default, Easy Digital Downloads will protect download files inside of the wp-content/uploads/edd/ folder with a .htaccess, but this will only work if your site is running on Apache. If your site is running on NGINX, the download files will not be protected and will be able to be downloaded by anyone. This article will walk you through protecting the download files by adding a custom redirect rule to your site’s configuration.

To properly protect the files on NGINX, you will need to register a redirect in your site’s server config that prevents users from directly accessing the download files.

Setting up a Web Rule with WPEngine

To get this step please log in to your WPEngine account, select the Site you wish to manage then click on the Web Rules section. Add the following Access Rule:

Type: URI
Operator: Regex matches(~)
Value: ^/wp-content/uploads/edd/\.(jpg|jpeg|png|gif|mp3|ogg|webp)$

This rule will give access to the files with the extensions in the Value field. Every other file type will be blocked so that direct access to your Downloadable files is restricted.

Protecting files on Kinsta

By default, Easy Digital Downloads will protect download files inside of the  wp-content/uploads/edd/ folder with a .htaccess, but this will only work if your site is running on Apache. If your site is running on NGINX, as KInsta uses, the download files will not be protected and will be able to be downloaded by anyone. This doc will walk you through protecting the download files by adding a custom redirect rule to your site’s configuration.

To properly protect the files on NGINX, you will need to register a redirect in your site admin area of your Kinsta site.

Protecting your files on Pantheon

Pantheon does not currently allow custom NGINX rewrite rules. To properly protect your files on Pantheon, you will need to install our Pantheon Compatibility extension and activate it on your website. This plugin converts the standard EDD directory to work within the protected directory provided by Pantheon.

Protecting your files on EasyEngine/Nginx

To protect your EDD files while using EasyEngine and NginX, you must locate where your server{} block lives and add the following line:

location ~ ^/wp-content/uploads/edd/(.*?).zip$ { rewrite / permanent; }

Manually Configuring the Redirect

If you are on a self-hosted VPS or other hosting account, you may need to modify the redirect rules in the server config directly.

If you are manually adding the redirect to your server config, it will look like this, if option 1 doesn’t work, try option 2:

# Option 1:
rewrite ^/wp-content/uploads/edd/(.*).zip$ / permanent;

# Option 2:
rewrite ^/wp-content/uploads/edd/(.*)/(.*).zip$ / permanent;

Keep in mind depending on your hosting provider, it may be required that they implement this for you.

Still stuck? How can we help?
Last updated on November 9, 2022

Start selling today!

Join over 50,000 smart store owners, and start using the easiest way to sell digital products with WordPress.

Get Easy Digital Downloads Now
Read our latest blog post:
Guide to Social Proof for eCommerce: What It Is & How to Use It