Creating a Secure File Hosting Server for PDFs

Question

I\'m working to develop a website that allows clients to log in and see various PDFs saved on the server. These PDFs will be unique to the client and should no

Answer 1

The easy way is to give these files long random filenames (say, 20 random characters). Technically they will be accessible by anyone, but it will not be possible to guess the URL, so only authorized people will have access.

Alternatively John Conde already outlined a way to serve a file from a PHP script. It will incur a small performance penalty, but will be as secure as your code is. The only thing I can add is that if you cannot place them outside webroot, then you might be able to use .htaccess to prevent people from accessing the files directly.