0

I'd like to interfere htaccess redirect url to check if a visitor to that url has logged-in to wordpress or not. If not logged-in redirect to wordpress login page via htaccess.

I've already tried below codes. First one is in public-html folder and the second one into resources/ folder.

1)

Redirect 301 /resources https://external.com/directdownload-

2)

RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} ^.*(mp3|m4a|pdf|doc|xlsx|docx|xls)$
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule (.*) http://example.com/wp-login.php

The redirection is okay. But visitors outside of wordpress still able to access those links and download the file. How can i prevent them and put a mediator?

vordinerdo
  • 23
  • 1
  • 1
  • 8
  • You'd need to pass the whole cookie name which unique for each user for WordPress, would look something like this ''wordpress_logged_in_a24b64c1a635fcf22396f58178303034" so to my knowledge it isn't possible to achieve that via htaccess, but you could find a through php, is the directdownload- external to WordPress? how is it created? – Ali_k May 15 '19 at 16:17
  • directdownload- external to WordPress yes , its perl based script on external server which i control over, how can i implement the cookie? and why its not possible by htaccess? – vordinerdo May 15 '19 at 16:20
  • There is no way to my knowledge to use check for logged user using htaccess, because there is no static cookie name, so you might need to change your approach, just to make sure we are on same page, what would be a direct link to your website(just example)? what would be a link to a download? is the download link outside of WordPress(file handling the download)? – Ali_k May 15 '19 at 16:24
  • yes how can i apply wordpress cookies to perl based script? what is the proper area for question? – vordinerdo May 15 '19 at 17:39
  • I don't understand your question, I need an answer to the above question to be able to come up with an solution – Ali_k May 15 '19 at 17:54
  • what would be a direct link to your website(just example)? example.com what would be a link to a download? external.com/directdownload- is the download link outside of WordPress(file handling the download)? yes outside of wp and different server with perl script – vordinerdo May 15 '19 at 17:59
  • Do you mind providing sample code of this file? – Ali_k May 15 '19 at 18:01
  • its a very big download perl based script , which code do you want? not just one file script. – vordinerdo May 15 '19 at 18:03
  • just the start, I could make a check externally with PHP but not sure about perl, if you can write a request to for example. example.com/is_user_logged.php to check for a specific response I could help with the content of is_user_logged.php – Ali_k May 15 '19 at 18:05
  • ok you can download its demo from here and look codes: https://sibsoft.net/xfilesharing_free.zip – vordinerdo May 15 '19 at 18:12
  • This answer here might help you: https://stackoverflow.com/questions/47766275/check-if-wordpress-user-is-logged-in-via-external-script you'd need to create a file to check for user status on wordpress and check that file externally then allow download or not – Ali_k May 15 '19 at 18:26
  • can you pls express that step by step? – vordinerdo May 15 '19 at 19:33
  • to where should i add that front end script? – vordinerdo May 15 '19 at 20:08

1 Answers1

0
RewriteEngine On
RewriteCond %{HTTP_COOKIE} ^.*wordpress_logged_in.*$ [NC]
RewriteRule ^resources/?$ https://external.com/direct-download-link1
 [L,R=301]

This code in htaccess must check the cookie but it send site 500 internal server error.

vordinerdo
  • 23
  • 1
  • 1
  • 8