Download Files Not Protected on NGINX

By default, Easy Digital Downloads will protect download files inside of the wp-content/uploads/edd/ folder with a .htaccess, but this will only work if your site is running on Apache. If your site is running on NGINX, the download files will not be protected and will be able to be downloaded by anyone. This doc will walk you through protecting the download files by adding a custom redirect rule to your site's configuration.

To properly protect the files on NGINX, you will need to register a redirect in your site's server config that prevents users from directly accessing the download files.

Setting up a redirect with WP Engine

The rule you need paste into source is:


If you are selling other file formats than ZIP files, you'll need to enter rules for their file types as well.

Protecting your files on Pantheon

Pantheon does not currently allow custom NGINX rewrite rules. To properly protect your files on Pantheon, you will need to install our Pantheon Compatibility extension and activate it on your website. This plugin converts the standard EDD directory to work within the protected directory provided by Pantheon.

Protecting your files on EasyEngine/Nginx

To protect your EDD files while using EasyEngine and NginX, you must locate where your server{} block lives and add the following line:

location ~ ^/wp-content/uploads/edd/(.*?)\.zip$ { rewrite / permanent; }

Manually Configuring the Redirect

If you are on a self-hosted VPS or other hosting account, you may need to modify the redirect rules in the server config directly.

If you are manually adding the redirect to your server config, it will look like this, if option 1 doesn't work, try option 2:

# Option 1:
rewrite ^/wp-content/uploads/edd/(.*)\.zip$ / permanent;

# Option 2:
rewrite ^/wp-content/uploads/edd/(.*)/(.*)\.zip$ / permanent;

Keep in mind depending on your hosting provider, it may be required that they implement this for you.