6 Replies Latest reply: Oct 16, 2008 4:24 AM by Newsgroup_User RSS

    Password Protect a File

    pbsum83 Community Member
      Hello,

      I have a PDF file for download on my site, and I'd like to set it up so you have to enter a password (same password for all users) before downloading. What's the easiest & best way to do this?
        • 1. Re: Password Protect a File
          Newsgroup_User Community Member
          > I have a PDF file for download on my site, and I'd like to set it up so
          > you
          > have to enter a password (same password for all users) before downloading.
          > What's the easiest & best way to do this?

          Easiest would be to put the PDF in a folder on your site, then ask the site
          host to password protect it on the server for you.

          -Darrel

          • 2. Re: Password Protect a File
            Newsgroup_User Community Member

            And if that is not possible, or if you prefer a login box that is
            friendlier and fits into your page layout, AND if your security needs
            not as rigorous as a server-side solution would allow, then you can also
            check out http://valleywebdesigns.com/vwd_passprotect6.asp

            --


            E. Michael Brandt

            www.divahtml.com
            www.divahtml.com/products/scripts_dreamweaver_extensions.php
            Standards-compliant scripts and Dreamweaver Extensions

            www.valleywebdesigns.com/vwd_Vdw.asp
            JustSo PictureWindow
            JustSo PhotoAlbum, et alia

            --
            • 3. Re: Password Protect a File
              Newsgroup_User Community Member
              > And if that is not possible, or if you prefer a login box that is
              > friendlier and fits into your page layout, AND if your security needs not
              > as rigorous as a server-side solution would allow, then you can also check
              > out http://valleywebdesigns.com/vwd_passprotect6.asp

              For what it is, it's quite nice, but the one issue I'd have is that the URL
              to the document itself isn't protected...just the link to it from the web
              site. So once someone has the link to the actual file, it can easily escape
              into the wild to be indexed by a search engine (not that the document,
              itself, couldn't also be released into the wile no matter the password
              protection method).

              -Darrel

              • 4. Re: Password Protect a File
                Newsgroup_User Community Member

                True - if someone were to create an href link to the protected page,
                then the gig is up. There's nothing like server-side protection when it
                is set up and functioning properly.

                --


                E. Michael Brandt

                www.divahtml.com
                www.divahtml.com/products/scripts_dreamweaver_extensions.php
                Standards-compliant scripts and Dreamweaver Extensions

                www.valleywebdesigns.com/vwd_Vdw.asp
                JustSo PictureWindow
                JustSo PhotoAlbum, et alia

                --
                • 5. Re: Password Protect a File
                  Newsgroup_User Community Member
                  .oO(E Michael Brandt)

                  >True - if someone were to create an href link to the protected page,
                  >then the gig is up.

                  It doesn't even require an explicit link. URLs may "escape" into the
                  wild in half a dozen different ways (e.g. published access logs, HTTP
                  referrers, forced browsing, ...) SEs can find almost everything in some
                  time, even if it's not explicitly linked somewhere.

                  Micha
                  • 6. Re: Password Protect a File
                    Newsgroup_User Community Member

                    > It doesn't even require an explicit link. URLs may "escape" into the
                    > wild in half a dozen different ways (e.g. published access logs, HTTP
                    > referrers, forced browsing, ...) SEs can find almost everything in some
                    > time, even if it's not explicitly linked somewhere.

                    This has been stated here many times, however experience has not
                    supported it. In the years that PP6 has been used, not once have I
                    heard that a breach has occurred. That's not to say it can't, or that
                    it has not actually happened unbeknownst to the site owner or developer,
                    but certainly I've never heard that it has.

                    --


                    E. Michael Brandt

                    www.divahtml.com
                    www.divahtml.com/products/scripts_dreamweaver_extensions.php
                    Standards-compliant scripts and Dreamweaver Extensions

                    www.valleywebdesigns.com/vwd_Vdw.asp
                    JustSo PictureWindow
                    JustSo PhotoAlbum, et alia

                    --