Users gated content | is content secure / still crawlable?

Hello,

I have a question regarding the “users” feature for gated content upon successful user login.

When Webflow says “server side rendering”, I understand the page is only generated when the user has succesfully logged in. But is the content, like images, PDF of my collection list also secured in a way that is not accessible / crawlable ?

Before using “users” I had misadventures with having PDF file being stored on Amazon servers by webflow and being totally vieable and scrollable if someone had the right URL.

My question is, does Webflow store file securely when using “users” feature ?

EDIT:

I did a test, it seems indeed Webflow doesn’t protect the files that are gated :frowning:
The URL of the hosted PDF file is stilla accessible eventhough the section is gated / shown/hidden based on the login status of the user.

How do We keep files safe / hidden from unauthorized access ?



@anthonysalamin - Use Memberstack where this is supported and can be implemented.

If the scenario you’re trying to protect against is- Bob logs in, Bob gets the asset link, Bob shares the access link on Reddit, the world now has your file…

Then the solution i’d use in a User Accounts setup is a reverse proxy to gate the asset by access group in the same way Webflow gates the pages. There are some complexities there if you have a lot of different access group security configurations, and different files you want to secure in different ways, but otherwise the process is straightforward enough.

Keep in mind though, that for that build investment, I’m not clear on how much more content security you actually get. There isn’t much to deter an authorized subscriber from just downloading the file itself and distributing it.

If you go that direction you might try watermarking techniques to capture the user’s ID in the file?