The User Private Files makes use of the .htaccess file to restrict the unauthorized access and makes a file private to the authorized users only. But the .htaccess file is available on Apache servers only. If you are using nginx server or hosting, you would need to make modifications to the configuration file called “nginx.conf”. Follow the below steps to configure nginx server for securing the files:

Step 1. Locate nginx.conf:
The nginx.conf file typically resides in the Nginx configuration directory. Example path: /etc/nginx/nginx.conf.
Open nginx.conf – Use a text editor or command-line tools (vi, nano, etc.) to open the file.

Step 2. Locate the server Block:
Find the server block where you want to add the new location block. Ensure it’s within the appropriate context.

Step 3. Insert the Location Block:
Add the following code snippet inside the server block, replacing {website} with your actual website name:

location ~ ^/wp-content/uploads/upf-docs/(.*)$ {
    rewrite ^/wp-content/uploads/upf-docs/(.*)$ https://www.example.com/?file=$1 last;
}

Replace example.com in the code snippet with your website URL .

Step 4. Save Changes:
Save the nginx.conf file after adding the new location block.

Now test this by pasting the URL to a file in a private browser window and it should give a permission error.