Where would you store files that are meant for sale on an e-commerce website?
+1
A:
On a secure server in a network zone that is not directly accessible from the internet. Your webserver can then access and retrieve files only for authorised users.
Kris C
2010-02-23 21:22:00
+1
A:
Rule of thumb: Not in htdocs (i.e. not accessible from the internet).
What do you want to do with those files? Offer them for downloading after a customer payed? You should manage the credentials by a server sided script (e.g. a PHP script) and give that script access to the file.
Larry_Croft
2010-02-23 21:23:33
Yes, the files should be available for download to users that have payed for them.
Emanuil
2010-02-23 21:27:01
+2
A:
Somewhere out of htdocs/wwwroot/etc. You don't want anyone to link to them directly. You should have a page/script that can read that location and send the file back.
consultutah
2010-02-23 21:26:20