I have made a custom folder within WordPress' uploads directory to house some downloadable files, however I don't want these to be directly accessible, they should only be accessible via a script for example.
To accomplish this I simply put a .htaccess file in the respective folder containing:
Deny from all
My development environment is Windows and this was working fine, both the folder and file returned a 403 Forbidden and I was able to force download the file via a script.
Now I have uploaded the site to a staging server that is running on Linux (RedHat I think?), Apache as well, but for both the folder and the file it returns a 404 Not Found and hence the file download also fails.
What am I missing here? Why is it acting differently? Should I be putting some different/extra in the .htaccess file?
Edit: I just noticed that whilst it IS stating it is a 404, it is redirecting to a 403.shtml file.
与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
