This sounds like a great solution:
1) create a package with all my protected files, I’ll look up docs on this.
2) Only allow access to the package for logged in users. This would block download links for non-logged in users.
A different suggestion from your support would be to upload files only via WPDM, They also suggested making these changes https://www.wpdownloadmanager.com/doc/how-to-protect-download-manager-files-directory-in-nginx/
I don’t have access to nginx in /etc I only have access to htdocs and below since I’m on a managed wordpress.com hosting site that is already locked down a bit. Can you confirm that without the above changes in the link, WPDM for media upload or creating packages I can project my files without changes to nginx. Also which is the best way to do this?
Thanks,
Brian.
