I figured that the files uploaded are stored in a subfolder of wp-content/uploads
As I wanted to avoid that anyone reading the E-Mail with the download-link is able to just click on the link and download the file, I tried to set up password-protection with .htaccess for that subfolder. However, clicking on the link still simply downloads the file so I wondered whether the download-link provided in E-Mail is pointing to another folder. Is it like that?
Is there any way to protect the download via password request or is it absolutely necessary to buy the Pro-Version of the Plugin to get this done?