I have made a custom folder within WordPress' uploads
directory to house some downloadable files, however I don't want these to be directly accessible, they should only be accessible via a script for example.
To accomplish this I simply put a .htaccess
file in the respective folder containing:
Deny from all
My development environment is Windows and this was working fine, both the folder and file returned a 403 Forbidden
and I was able to force download the file via a script.
Now I have uploaded the site to a staging server that is running on Linux (RedHat I think?), Apache as well, but for both the folder and the file it returns a 404 Not Found
and hence the file download also fails.
What am I missing here? Why is it acting differently? Should I be putting some different/extra in the .htaccess
file?
Edit: I just noticed that whilst it IS stating it is a 404
, it is redirecting to a 403.shtml
file.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…