a little progress has been achieved: After I moved the Subdomain to the Maindomain, I have the plugin and the Plus Package first uninstalled or disabled. After the page was set up (also with https) I reinstalled the plugin and also the plus package. Afterwards I did all three steps again: Insert the code in the web root into the .htaccess file, then click on Visitors Posts and Categories - Media - click "Read" and finally I have in the settings "Media File Access Control" activated.
Then the test: If I enter a domainpath to any PDF file, this can unfortunately still be seen. That would have to be fixed!
The progress is, which was not the case before, if I enter this domain individually for visitor accounts and categories - media - URI Access, this file will be blocked as it should :-)
Maybe you could now see where the mistake could be. Request for Info