Thanks for the tip. eStore looks perfect.
Sure.
This is my site – http://www.touchwebdesign.com
Imagine if I uploaded a sensitive test.pdf to my site. It would go into uploads folder.
I could password protect the link to the PDF, make the filename hard to guess, but if Google indexed the file or someone knew the location of the PDF, they could bypass all the security with one click eg. http://www.touchwebdesign.com/wp-content/uploads/2016/01/test.pdf
Using S3 is one option – there has to be a token access key before it is allowed to be downloaded. The access key is not accessible without being logged in.
What is stopping people sharing the link to the file via Facebook?
Can people type in the url directly to a file (in wp-content / media upload)?
Maybe after Google has indexed the file?
