Hi everyone!
I’m setting up a very basic online store using WordPress. When a customer buys one of my products, a license file (a simple .xml with a key but with .mylicense extension) is uploaded to a subfolder like
wp-content/uploads/licenses/product_name-user_id.mylicense
In my root .htaccess, I disabled direct access to files with .mylicense extension using
<FilesMatch “\.(mylicense)$”>
Order Allow,Deny
Deny from all
</FilesMatch>
I have a couple of tables that handle the customer orders and a php script that allows only the customer who bought the product to access his specific license from his dashboard. A link in the dashboard will perform a GET to my php script to get the correct file URL.
I only have one problem, the downloaded file doesn’t have the correct content, but, instead I see something like
failed to open stream: HTTP request failed! HTTP/1.1 403 Forbidden
If I remove .mylicense from .htaccess the file is correctly downloaded.
Is there a way to disable direct file access (via its URL) but still make it downloadable using a GET?
Thanks!
[ad_2]