Thanks Ben and Alan, I've got a dedicated server, so I can put the file anywhere.
As the book isn't too big I'm thinking of emailing it out. Not sure if I can put the attachment outside the web root using cfmail? Jenny -----Original Message----- From: Alan Rother [mailto:[EMAIL PROTECTED] Sent: 21 July 2006 17:26 To: CF-Talk Subject: Re: Book site - secure download? Ben is right, the best way to do it is to keep the files above the web root, if possible. Not all hosting companies provide you with this ability. In my experience, it's not a huge drain on CF resources to force the download of a document through CFcontent, so it's shouldn't hurt too much. If you cannot store the pdf files above the web root, the other options are not terribly pleasant: 1. You can store all of the pdf files buried deeply in all sorts of nested folders with awful file names like - /lkhslfdfsd/afdafdfsd/weflgiherb89/r9fusldfh98syfdh/ - you know, something no one could just guess. - Name all of the PDF files using a UUID and then cross reference them using your database - Then, when someone purchases a PDF you copy it to a temp folder named using their transaction number, or a UUID you store in the DB. - Rename the file to something relevant to the book they bought - Delete the temp folder after some reasonable time period, like 3 days 2. You can store all of the PDF files in password protected zip files - When someone buys a book, you extract it from the zip file and put it in a temp folder like the above example. None of this is perfect, if someone is going to share the book they can just send them a copy of the PDF, all of the ideas presented here will only help mitigate the possibilty that someone hacks your file structure and downloads all of you files for free. Hope this was helpful. -- Alan Rother Macromedia Certified Advanced ColdFusion MX 7 Developer ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~| Introducing the Fusion Authority Quarterly Update. 80 pages of hard-hitting, up-to-date ColdFusion information by your peers, delivered to your door four times a year. http://www.fusionauthority.com/quarterly Archive: http://www.houseoffusion.com/cf_lists/message.cfm/forumid:4/messageid:247395 Subscription: http://www.houseoffusion.com/lists.cfm/link=s:4 Unsubscribe: http://www.houseoffusion.com/cf_lists/unsubscribe.cfm?user=89.70.4