The Web Design Group

... Making the Web accessible to all.

Welcome Guest ( Log In | Register )

 
Reply to this topicStart new topic
> Secure pdf files on a web server
joehesse
post Sep 4 2018, 05:45 AM
Post #1





Group: Members
Posts: 7
Joined: 5-July 18
Member No.: 26,667



Is there a way to store secure pdf documents on a web server, outside the server's root directory, so they can only be viewed by authorized users from their browser?
Since these files are outside the server's root directory, they can only be accessed by code running on the server. Is there some PHP magic that will do what I want?
Thank you,
Joe
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
pandy
post Sep 4 2018, 09:41 AM
Post #2


🌟Computer says no🌟
********

Group: WDG Moderators
Posts: 20,716
Joined: 9-August 06
Member No.: 6



Not sure, Christian probably knows this better, but I *think* you can make PHP copy the file to a web accessible directory.

But why do the files need to be above the root? Can't you just use a password protected directory? Passwords must come into it anyway.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
joehesse
post Sep 4 2018, 10:10 AM
Post #3





Group: Members
Posts: 7
Joined: 5-July 18
Member No.: 26,667



QUOTE(pandy @ Sep 4 2018, 09:41 AM) *

Not sure, Christian probably know this better, but I *think* you can make PHP copy the file to a web accessible directory.

But why do the files need to be above the root? Can't you just use a password protected directory? Passwords must come into it anyway.


I want the files to be above the root so they can only be read by logged in users. If the files were in a directory in root or below, wget will get them. I think that any file permissions that make the web browser access the files will also allow wget to work.
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
Christian J
post Sep 4 2018, 11:36 AM
Post #4


.
********

Group: WDG Moderators
Posts: 9,630
Joined: 10-August 06
Member No.: 7



QUOTE(pandy @ Sep 4 2018, 09:41 AM) *

Not sure, Christian probably know this better, but I *think* you can make PHP copy the file to a web accessible directory.

Yes that should work (though I don't think I've ever tried it).

QUOTE(joehesse @ Sep 4 2018, 05:10 PM) *

If the files were in a directory in root or below, wget will get them.

Not if they're password protected. And even if they're above the web root, wget might be able to get them through the PHP script (unless it's password protected).

That said it's still slightly safer to put them above the web root, in case something goes bad with the password protection. But again, the same might be said for the PHP script's password protection...
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post
pandy
post Sep 4 2018, 04:25 PM
Post #5


🌟Computer says no🌟
********

Group: WDG Moderators
Posts: 20,716
Joined: 9-August 06
Member No.: 6



What Christian said. smile.gif
User is offlinePM
Go to the top of the page
Toggle Multi-post QuotingQuote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



- Lo-Fi Version Time is now: 28th March 2024 - 04:05 AM