Fillable PDFs Fillable PDFs

Protecting Your PDFs

Download Permissions

When a user attempts to download a generated PDF, Fillable PDFs does a series of checks to see if the user has access to the PDF. If the user or PDF passes one of the following checks, they are granted access to download the PDF.

  1. The PDF has Public Access enabled.

  2. The URL contains a matching file signature. This signature (previously referred to as the token) can be included using the {fillable_pdfs} merge tag.

  3. Users with access to the gravityforms_view_entries capability.

    By default, this capability is only enabled on users with the Administrator or Super Administrator role. You can change the capability Fillable PDFs checks for using the fg_fillablepdfs_view_pdf_capabilities filter.

  4. User who submitted the Gravity Forms entry and was logged in when the form was submitted.

  5. User who submitted the Gravity Forms entry and was not logged in when the form was submitted.

    This requires the user to have the same IP address as the submitter of the Gravity Forms entry and be attempting to download the file within 20 minutes of form submission.

    If you do not log IP addresses, the user will not be able to download the file.

    You can use the fg_fillablepdfs_logged_out_timeout filter to modify how long after submission the user can download the file.

Direct File Access

Generated PDFs are stored in your WordPress’ file system within the Gravity Forms upload folder.

When the Fillable PDFs folder is created, a .htaccess file is created that denies direct access to the directory listing and the files within. This will protect websites on Apache and Litespeed web servers. Other web servers, like Nginx, will require a modification to the server configuration to block access to that folder.

Fillable PDFs checks if the generated PDFs folder is accessible once per week. If it is, a dismissible warning will be displayed on all Gravity Forms page to notify you.

Using the fg_fillablepdfs_base_path filter, you can change where the Fillable PDFs folder is located. If you are unable to block public access to the default folder, this filter can be used to move the Fillable PDFs folder outside of your public directory. Fillable PDFs stores the direct file path as part of the PDF meta. If you move PDF files created prior to Fillable PDFs 2.3, they will be inaccessible.