The only way to reliably do this is to make it so the files' directory is
not accessible via HTTP. The two most common ways to do this are:

- put directory above / outside the webroot
- tell IIS / Apache / webserver to disregard directory (if it's under /
inside webroot)

...and then retrieve / serve files using CFML tags:
http://ray.camdenfamily.com/index.cfm/2006/3/10/Ask-a-Jedi-Using-ColdFusion-to-serve-files



On Fri, Aug 10, 2012 at 2:02 PM, Robert Rhodes <rrhodescf@gmai...> wrote:

>
> Hello everyone.
>
> I have a site where a password is required to access the site.  On pages in
> the site, there are links to download files.  I set the appropriate meta
> tags and robots.txt to tell the search engines to not spyder the site.
>
> Though the site pages are not in google, the files are showing up.  that's
> bad.
>
> It's a lot of files, so before I code up a solution to access all the
> through logic so I can control the permissions, is there some way to
> protect a directory so that files can't be downloaded without being logged
> in on the site?
>
> My guess is the answer is no, but I thought I would ask.
>
> -RR
>
>
>

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~|
Order the Adobe Coldfusion Anthology now!
http://www.amazon.com/Adobe-Coldfusion-Anthology/dp/1430272155/?tag=houseoffusion
Archive: http://www.houseoffusion.com/groups/cf-talk/message.cfm/messageid:352084
Subscription: http://www.houseoffusion.com/groups/cf-talk/subscribe.cfm
Unsubscribe: http://www.houseoffusion.com/groups/cf-talk/unsubscribe.cfm