I have a directory which contains a zip file and a pptx (PowerPoint) file. In the directory is this .htaccess (regex?) code:

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(www.)?mydomain.me.uk/ [NC]
RewriteCond %{REQUEST_URI} !hotlink.(pptx|ppt|pdf|zip|7z|rar|xls|xlsx|doc|docx) [NC]
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule .*.(pptx|ppt|pdf)$ http://mydomain.me.uk/  [NC]

When a user puts in the direct URL for pptx file, they are correctly served a 404 unless they are logged in. For zip and 7z (7zip) files they can still download those files without being logged in, even though those file extensions are correctly listed (to block) in my .htaccess code.

Why doesn’t this code work for archived files?

Read more here: Why can’t I force users to login to download a zip file from my website?


If you know the solution of this issue, please leave us a reply in Comment section, to update the question.

Wordpress related questions and answers: