Wordpress hiding download button for files

One of the nice small improvements is the ability to disable unwanted blocks. By default, WordPress arrives with dozens of blocks and every time you install a plugin, there's a chance that the plugin will add many more.

There are some excellent plugins such as Advanced Gutenberg that can super-charge your site with even more powerful blocks. If your site ends up with hundreds of blocks, your writing interface will be slow and confusing. Merge the selectors from step 1 and 2 to build a final selector. The class from body comes first, following this pattern:. The element will not be displayed in the URL that prints the unique class from step 2. However, it will remain visible on the rest of your pages.

Its premium version adds on a secure option that makes it much more difficult for users to download the original PDF document. There are 3 common ways to prevent direct access to your content, namely, password protecting, expiring and changing their URLs and restricting their access using a membership plugin. The main drawback of these methods is your attached PDF files are actually not protected.

As a result, people could still access and share these private PDF documents. The other and arguably better solution is to block direct file access to these PDF documents. We will never send you spam. Your email address is secure. Do you ever run into any browser compatibility problems? A number of my blog readers have complained about my blog not working correctly in Explorer but looks great in Safari.

Do you have any suggestions to help fix this problem? Hello, can you open a support ticket please? The theme is very flexible, so I think there must an easy way to do this, could you point me towards the right direction please? Many thanks. Thank you for your thorough and most helpful article on protecting PDFS. May I ask a, probably very silly, question?

In fact, no matter where you try to hide the files, Google and others would still be able to find, index and access them. So the solution is to protect and not to hide. Hi Elena, thanks for posting this helpful article. Can you help me resolving following problem? There is a contact form on my website.

When a user fills the form and click send button, a pdf link is sent along with email message to that user. I want to expire that link for that user only after some days say 7 days of that email. And when second user does the same, link should be expired for second user also after same no of days. Can you please drop an email to Prevent Direct Access Team — hello at preventdirectaccess.

They will advise you accordingly. Hey Elena! Thanks for good article it really helps me. In my website user can buy membership that now allows him to download pdf files.

Is there anyway to prevent downloading this pdf files but user can print these pdf documents. That prevents users to share those documents to others. Thanks for help. I do accept as true with all of the ideas you have presented in your post. They are very convincing and can definitely work. Nonetheless, the posts are too quick for newbies. May just you please lengthen them a bit from subsequent time? Thanks for the post. Simply want to say your article is as surprising.

The clearness for your submit is just great and that i can think you are knowledgeable in this subject. Cleaning it up is as easy as deleting the file or code. However, the difficult part is finding it. You can start with one of the following malware scanner WordPress plugins. Out of those, we recommend Sucuri yes it is paid. You can also use the Exploit Scanner , but remember that base64 and eval codes are also used in plugins. So sometimes it will return a lot of false positives.

If you are not the developer of the plugins, then it is really hard for you to know which code is out of its place in the thousands of lines of code. The best thing you can do is delete your plugins directory , and reinstall your plugins from scratch. Yup, this is the only way you can be sure unless you have a lot of time to spend. One of the scanner plugins will find a rogue file in the uploads folder.

But if you are familiar with SSH, then you just need to write the following command:. There is no good reason for a. The folder is designed for media files in most cases. If there is a. As we mentioned above, often the inactive themes are targeted. The best thing to do is delete them yup this includes the default and classic theme.

If it was, then it is gone now. You just saved your time from looking, and you eliminated an extra point of attack. Sometimes the redirect codes are being added there. Just delete the file, and it will recreate itself.

Settings » Permalinks. Click the save button there. It will recreate the. Compare this file with the default wp-config-sample. If you see something that is out of place, then get rid of it. A smart hacker will never have just one safe spot. They create numerous ones. Targeting a database full of data is a very easy trick. You will see that there are 3 users, and you can only see 2.

Chances are you are hacked. Exploit Scanner plugin or Sucuri paid version both takes care of that. Alright so the hack is gone. Open your browser in an incognito mode to see if the hack comes back. Sometimes, these hackers are smart. They will not show the hack to logged in users. Only logged out users see it. Sometimes, the hackers only want to target the search engines. If all looks great, then you are good to go.

This may not be an option for everyone, so you have to live on the edge. Our 1 advice would be to keep strong backups VaultPress or BackupBuddy and start using a monitoring service.

Like we said earlier, you cannot possibly monitor everything that goes on your site when you are doing tons of other things. This is why we use Sucuri. It might sound like that we are promoting them. But we are NOT. Yes, we do get an affiliate commission from everyone who sign up for Sucuri , but that is not the reason why we are recommending it. We only recommend products that we use and are quality. It is because they are good at what they do. We always say that the best security measure is great backups.

Please please please keep good regular backups of your site. Starting using a reliable solution like BackupBuddy or VaultPress. This way if you ever get hacked, you always have a restore point. Also if you can, just get Sucuri and save yourself all the trouble.

They will monitor your site, and clean it up if you ever get hacked. We hope that this article helped you. Feel free to leave a comment below if you have something to add. Disclosure: Our content is reader-supported.

This means if you click on some of our links, then we may earn a commission. See how WPBeginner is funded , why it matters, and how you can support us. Trusted by over 1. Get FREE access to our toolkit — a collection of WordPress related products and resources that every professional should have!

In my all sites there was automatically malicious pages generated and it will shown on google and these pages were not shown in my wordpress dashboard and in posts sections. Please Help me to find codes and get secured from this hacking I have losted many traffic from my WordPress site.

Please Help Me! Please see our article on how to clean a hacked WordPress site.