Making a private folder

[billbeee]

Hi All,
Appologies if this has been answered before but I could not find it anywhere.
I have a website hosted elsewhere with a sub-domain hosted by bluehost. the sub-domain is http://extras.builderbill-diy-help.com/

The purpose of the sub-domain is to host dlguard which is to safely handle downloading of my pdf e-books etc. dlguard is set up in the folder http://extras.builderbill-diy-help.com/admin/index.php

I want to know where to store my pdf files so that dlguard can access them, the instructions that they give are:-

It is recommended that you store your files in a randomly named folder such as "hq3akua3y3n89kla1Eg" so that people cannot simply guess your file location.
For example, "http://www.example.com/hq3akua3y3n89kla1Eg/file.zip"

Is doing it this way secure? Can people just search the list of folders in what is the public section?

dlguard also say this:-

If you wish, you can store your file in a non-web accessible folder (ie. outside of your public_html folder).
When using this option, instead of using a full URL, simply use a file path such as: /folder/file.zip

If I use this method, where or how do I set up a private folder that dlguard can access?
Cheers
Bill

[felgall]

The most secure way is to store them above the public_html folder where they are only accessible via the script. Which is the last method you mention. Simply create a folder at the same level as public_html and put them in that.

The second most secure way is to password protect the folder you put them in but don't set a user and password so that there is no valid login to that folder. You can easily set up a folder that way using the appropriate option in cPanel.

[billbeee]

Hi Steven,
Thanks for that, much appreciated. I've gone for the most secure option.
Cheers
Bill