wordpress root folder .htaccess

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^http://(www.)?SOMEIP [NC] 
RewriteCond %{HTTP_REFERER} !^http://(www.)?SOMEIP.*$ [NC] 
RewriteRule .(pdf)$ denied.php [L]

The folder /wordpress/documents contains all .png files uploaded by user. To dispaly file to user, the url is http://SOMEIP/wordpress/web/viewer.php?name=filename.png?1424355387. Here time() is appended with filename.

documents folder has permission set 755 and when anyone directly access, it thorws Forbidden exception. But when I directly access file using http://SOMEIP/wordpress/documents/filename.png, its simply showing the image on the page.

another .htacess inside documents folder conatins following code’

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www.)?SOMEIP [NC] 
RewriteCond %{HTTP_REFERER} !^http://(www.)?SOMEIP .*$ [NC] 
RewriteRule .(gif|jpg|png)$ denied.php [L]

Where denied.php is the file showing Access denied message. I want to prevent the image showing as http://someip/wordpress/documents/sample.png directly in the url bar and the htaccess is not working.

Read more here: View file but prevent from DIRECT URL ACCESS?


If you know the solution of this issue, please leave us a reply in Comment section, to update the question.

Wordpress related questions and answers: