So .htaccess is a file that is placed on the server to help make our internal files secure. First here is a Wikipedia link on what .htaccess is. For our server the .htaccess is placed in the Internal folder. Below is the actual contents of the file.
So for this site, we have decided that we only want to secure all files/directories in the “Internal-Documents” folder. So if any page uses any media, or file somewhere under here. The user will need to be logged into the system. If someone does try to access a file, they will receive a 403 error message.
Below is the file (.htaccess) that we placed in the “Internal-Documents” folder.
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} (.*)
RewriteCond %{HTTP_COOKIE} !^.*wordpress_logged_in.*$ [NC]
RewriteRule .* - [F,L]