How to Use Prevent Direct Access S3 Integration

PDA S3 Integration extends Prevent Direct Access Gold feature by allowing you to protect files hosted on Amazon S3 bucket.

You can sync your private and confidential WordPress files to Amazon S3 seamlessly as well as protect them automatically. So no one can access the files without your permission.

• Sync and offload files to Amazon S3
  • Existing files
  • New file uploads
• Logic and Limitation
  • Display protected files in content
  • Handle large files

Requirements:

• Prevent Direct Access Lite version 2.7.0 or greater
• Prevent Direct Access Gold version 3.2.0 or greater
• PDA S3 Integration extension version 1.3.1 or greater

Before starting, please make sure you have created an Amazon S3 bucket and configure our plugin’s settings page.

How to sync and offload files to Amazon S3

While “syncing” files still keep the files’ copies in the hosting server, “offloading” files will remove all of them.

For existing files

If your files are already in the Media Library, you can use the “Sync” button to copy them to the Amazon S3 bucket.

Sync button will display when you hover over the file title as well as opening our configuration popup under Media Library List View.

In case you have a lot of files, use Bulk Actions to sync multiple files at once.

For new file uploads

Simply enable the following options under our plugin’s settings page:

• Enable option (1) if you want to backup file uploads in your hosting server
• Enable options (1) and (3) if you want to store all file uploads in Amazon S3 bucket only.

How Amazon S3 Integration works

Amazon S3 secures files by making them private. That means no one can access the file URL directly, including the file’s author as well as the administrator (root user). As a result, if you protect an offloaded file, no one can see or access the file under the WordPress Admin Dashboard.

However, our plugin still allows administrators to see the file thumbnail in Media Library List View.

In order to avoid this limitation, instead of displaying their S3 private links under the Admin dashboard, we still use the server protected links with protected synced files. That’s the reason why the protected URL is not an S3 link.

Display protected files in content

When a file is embedded in content, our plugin will check the visitor’s permission and generate a signed S3 link allowing them to see the protected file in a period of time.

Please note that we only check the content selected under our Search and Replace option to avoid performance issue.

Handle large files

As of now, our plugin only protects S3 files uploaded via WordPress Media Library. We haven’t handle the case where files already exit on S3 bucket.

To upload large files to WordPress site, you can upload them via FTP to uploads folder and then use Add from server plugin to show the files in Media Library.