Secure pdf files on a web server |
Secure pdf files on a web server |
joehesse |
Sep 4 2018, 05:45 AM
Post
#1
|
Group: Members Posts: 7 Joined: 5-July 18 Member No.: 26,667 |
Is there a way to store secure pdf documents on a web server, outside the server's root directory, so they can only be viewed by authorized users from their browser?
Since these files are outside the server's root directory, they can only be accessed by code running on the server. Is there some PHP magic that will do what I want? Thank you, Joe |
pandy |
Sep 4 2018, 09:41 AM
Post
#2
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,730 Joined: 9-August 06 Member No.: 6 |
Not sure, Christian probably knows this better, but I *think* you can make PHP copy the file to a web accessible directory.
But why do the files need to be above the root? Can't you just use a password protected directory? Passwords must come into it anyway. |
joehesse |
Sep 4 2018, 10:10 AM
Post
#3
|
Group: Members Posts: 7 Joined: 5-July 18 Member No.: 26,667 |
Not sure, Christian probably know this better, but I *think* you can make PHP copy the file to a web accessible directory. But why do the files need to be above the root? Can't you just use a password protected directory? Passwords must come into it anyway. I want the files to be above the root so they can only be read by logged in users. If the files were in a directory in root or below, wget will get them. I think that any file permissions that make the web browser access the files will also allow wget to work. |
Christian J |
Sep 4 2018, 11:36 AM
Post
#4
|
. Group: WDG Moderators Posts: 9,656 Joined: 10-August 06 Member No.: 7 |
Not sure, Christian probably know this better, but I *think* you can make PHP copy the file to a web accessible directory. Yes that should work (though I don't think I've ever tried it). If the files were in a directory in root or below, wget will get them. Not if they're password protected. And even if they're above the web root, wget might be able to get them through the PHP script (unless it's password protected). That said it's still slightly safer to put them above the web root, in case something goes bad with the password protection. But again, the same might be said for the PHP script's password protection... |
pandy |
Sep 4 2018, 04:25 PM
Post
#5
|
🌟Computer says no🌟 Group: WDG Moderators Posts: 20,730 Joined: 9-August 06 Member No.: 6 |
What Christian said.
|
Lo-Fi Version | Time is now: 24th April 2024 - 06:53 PM |