Currently

• There is no security and any public visitor can access a document by direct URL if they know where to look

Desired

• Add the ability to set permissions on folder and files so that only selected people can access them, in a similar nammer to page management.
  

 

A secure file storage area would be a huge benefit to our organization where we change officers every year.  If there was a secure area, our board members would save files in the secure area as they work on them.  Right now we have a restricted access area for our board members and this has helped improve the transition.

If this restricted access area could have a folder associated with the restricted area that any file placed in this area could only be accessed by users that are granted access to the restricted access area.  When using the file browser tool the secure file should be differentiated with the padlock symbol or something similar identifier.  This secure area should be accessible through webDAV based on username & password.

We also have board-sensitive and members-only documents that we want to distribute via our web site with access restrictions.  webDAV would be interesting, but access restrictions over http is the key feature for us.

Restricted file access within the members-only area is of highest priority to my organization.

In fact, we bought into this system based on, among other things, the statement found in your website that (WildApricot does) "Provide secured access to members.
Create web pages with premium content accessible only to your members - industry research, best practices and more. Easily upload PDF documents, Microsoft Word files and Excel spreadsheets into the secure members-only section."

We would hope to see this feature implemented in the very near future.

I definitely support this. On one of the marketing pages, the sentence "Easily upload PDF documents, Microsoft Word files and Excel spreadsheets into the secure members-only section." definitely implies that documents are secure.

Was not impressed by tech support telling me that  there is no WA search engine - one would have to use a third-party public search engine. Most people use google, etc. very well.

Really disappointed in this. Looks like we will be investigating migrating all board documents (3 years of PDFs) to our restricted googles group.

I sell information. The most modern way of doing that is through audio and video, but there isn't enough space here to do that without linking to youtube (which isn't membership protected) or going off site. It's enough of a bother to keep me searching for another member management service. :(

 

Not to mention that it took me 2 hours to figure that out. Linking audio and video isn't difficult to do. I just assumed that that would be a part of this program too. 

I agree - our association would also like to control file content at the folder level to logged-in members only. (For example, document downloads.)

Let me summarize: we are talking about 2 kind of restrictions to the files:

1) On public/member side of the site:
When an admin added file link to the web pages, this link should be available to only specific groups of visitors. And even if the visitor allowed to download the document would copy the link and send to somebody else, this person will not be able to open the file.  

2) On admin part site:
Not all admins are allowed to add/view/delete all files. Some admin should be restricted to only specific number of files (folders). This allows to keep files that are available only for full site admins and admins with partial admin access will not be able to view/delete or download the files. 

Are both points important? Or only first one?  

---

Evgeny
Product Design Team

Both are important - which ranks higher depends on the organization.

For us the later is least important in the short term but.... 

Wow, the reality is files are not securely stored. It means Google's search engine will find our pdf documents, Word files, and Spreadsheet and list them in search results. 

There needs to be a place where no one but those who have been given access can download files. On a standard website, this is done by creating a folder for files inside another secure folder. 

Until Wild Apricot does provide secure storage of files, what is a work-around that you are using?  

Google can't find them if you do not link to those documents on public pages. Google can't guess their URLs - instead their crawlers follow the links from pages they already have access too (start from site homepage, follow links from there)

---

Dmitry Buterin, Chief Apricot

This is a huge issue for us: we have documents that are available free of charge to members, but  for which others have to pay (a lot).  We have just discovered that they can be found using Google...

 

Clearly, we will restructure the document storage and ensure that there are no public links to the new locations: but this is really very disappointing.

 

Of your options,  '1' is the big one.  '2' is vastly less important.

Just FYI: they can only be found by Google if someone posts a link to then on some other public webpage.

---

Dmitry Buterin, Chief Apricot

I agree that this would be extremely helpful functionality, particularly if one is using Wild Apricot for groups or committees to work together and/or as one's main website.

 

---

AGB