The viewer access is working after the CUSTOM CODE TIMTHUMB FORBID RFI and MISC FILE SKIP/BYPASS RULE fix, but now it seems the Uploads Anti-Exploit Guard (UAEG) is not working. Now if I go to a direct path URL to any pdf file or even a .doc file in an uploads folder the file is accessible for download or to open. Is this suppose to happen? How do I get the pdf files to be opened by the “PDF viewer for WordPress” plugin but still blocked from people being able to access it directly if a search engine of hacker finds the file name of the server?
In Christ
guy te