How to protect my PDF file to registered members only?

Windly · August 17, 2009, 8:27am

Thanks very much for this information

CSU_Bill · August 17, 2009, 12:20pm

Does this mean that keeping the site on a Windows will not work? What do I need to be looking for in this situation?

felgall · August 17, 2009, 7:46pm

What you need to do is to get a setup with a server side language installed that can be used to build all the security features you require. On a Windows platform running IIS the most commonly provided server side languages are those that run on the .NET framework. PHP can run on that setup but is more commpnly run on the Apache web server rather than IIS. Apache can run on Windows but is more commonly run on Linux.

shaunole · August 17, 2009, 11:22pm

We use php on a Windows based server and sell PDF documents to our customers. Since a lot of the DRM can be disabled and most DRM requires that the client software also supports the same DRM features, these solutions haven’t proven to work efficiently for us. Our work around was to stamp the purchasers name and account number on each page of the PDFs we sell. This is all done server-side so there is no client support needed.

So far, this has proven to work real well for us.

Shaun Oleson

chrisranjana · August 18, 2009, 11:57am

Are you generating the pdfs dynamically ?

If so As an added level of security, you can investigate and find out whether you can password protect the individual pdf files dynamically.

CSU_Bill · August 18, 2009, 6:26pm

Stephen,

Thanks for the information. I suspect we will be shifting to a Linux server, but I suppose I need to start learning to work with Windows Servers.

CSU_Bill · August 18, 2009, 6:31pm

These are frequently Word documents that are converted to PDF. I think the solution is to shift to a Linux host and use .htaccess to control who gets into the folder.

However, I will be learning how to do this on a Windows host that is better provisioned.

shaunole · September 3, 2009, 12:21pm

Beware of relying solely on PDF passwords or DRM to protect your documents. There are a number of sites out there that will allow you to upload a pdf and then return you an unsecured PDF.

shaunole · June 25, 2010, 2:21pm

John,

Either the software the client is using would need to support the plugin/added protocol or the username/password authentication would have to be server/client based. In either case, there would be applications that would make it pretty easy to get around that security. Whether that application acts as a proxy between the client & server or the user chooses a product that doesn’t support that plugin.

Feel free to correct me if I’m wrong. It’s just my understanding that the Portable Document Format security isn’t necessarily fool-proof.