Be aware that even if you make it possible to download a document via restricted pages then the documents are still accessible by all users.

If a user knows the name of the document then it can be accessed.

Giving the documents very unique names will not solve that problem, as search-engines can find the documents and that could make them shown in search results.

You could tell search engines not to crawl the folders where you have the documents, but this is not a reliable method.

The best way is to secure your document-folder(s).

You can have several folders where access is restricted for different groups.

You should use htaccess. to secure the files.

See information here:

https://help.dreamhost.com/hc/en-us/articles/216363187-Password-protecting-your-site-with-an-htaccess-file

https://www.youtube.com/watch?v=o6q374gtNVg

Using htaccess. you have no holes in the system.

If the documents has no confidental information at all, then you could just use the method of making protected pages where you make download possible.

Maybe a better link: https://stackoverflow.com/questions/5229656/password-protecting-a-directory-and-all-of-its-subfolders-using-htaccess

If you want to use the not-so-secure solution with locked pages, then you create groups for the different access levels and then create users for the groups.

Another approach could be to use a document system.

https://www.phpjabbers.com/file-sharing-script/#sectionFeature

There is also the free ADMIDIO https://www.admidio.org/ - member system.

Depending on the number of users, if the document content is critical, if users should be able to co-work on the documents or if it is only a system for downloading documents with non-sensitive information, there is a lot of possibilities. The more information you could give the better answers you will maybe get back.

Using a document system for few users and non-sensitive documents could be as using a sledgehammer to crack a nut - but using secured pages as a method to access documets with sensitive information, could be as using a water pistol to fight against an army of machine-gun armed hackers.

General instructions for setting up a protected area can be found here, see

>> https://guide.websitex5.com/en/support/solutions/folders/44000373872

If problems arise or if you have specific questions, then report back and ask specific questions.

Attached are the screen shots showing that I cant add uers to the locked pages ?

screen shot showing no users listed ?

Thanks

@Andy

You have to create one or more groups that are NOT administrator

And of course - also create one or more users for the group(s) you create.

@Andy

*** IMPORTANT ***  You have exposed admin passwords in the attchments. It is important that you change these immediately.

Hi John.

Thanks for the info, think I now have the list populating .

The passwords etc are for testing purposes any way but I will change everything, thanks for the pointer.

Regards

Andy

Got the list populating, made page hidden and set to locked with access to one of the users on the list. Uploaded the site but can't access the page, get 404 error ?

The page you have "locked" is now made as a PHP-page. The original html page still exists.

Some of the links in the project maybe need to be refreshed.

You should delete the html-page.

What happens if you directly specify the URL that leads to the PHP in the browser?

You probably know, but it has to be tested on the server - PHP functionality cannot function in the preview.

If I try direct amwarkup.co.uk/andy-addy.php       get page 404

This page is not in our directory ?

Try a full upload of your project.

It seems that you now are very close to the finish line