Now it is enabled Here is the security log on the blocked file
[403 GET Request: June 19, 2016 5:54 pm] Event Code: BFHS - Blocked/Forbidden Hacker or Spammer Solution: N/A - Hacker/Spammer Blocked/Forbidden REMOTE_ADDR: xxx.xxx.xxx.xxx Host Name: pool-xxx-xxx-xxx-xxx.pghkny.fios.verizon.net SERVER_PROTOCOL: HTTP/1.1 HTTP_CLIENT_IP: HTTP_FORWARDED: HTTP_X_FORWARDED_FOR: HTTP_X_CLUSTER_CLIENT_IP: REQUEST_METHOD: GET HTTP_REFERER: http://example.com/jim-r-trust/ REQUEST_URI: /themencode-pdf-viewer-sc/?file=http://example.com/wp-content/uploads/2016/06/pdf-viewer-for-wordpress-license.pdf&settings=111111111&lang=en-US QUERY_STRING: HTTP_USER_AGENT: Mozilla/5.0 (Windows NT 6.3; WOW64; rv:47.0) Gecko/20100101 Firefox/47.0