Skip to main content
Secure Files

Lock down visibility of files to specific users and keep track of which users are viewing each file.

Melanie Dupont avatar
Written by Melanie Dupont
Updated over a week ago

In addition to Novi Files, where most of your website documents and images are stored, you can also upload files in the Secure Files section to accomplish one or more of the goals below.

Upload files to 'Secure Files' if any of the following are true:

  • The file should only be accessible to logged-in users

  • The file should only accessible to a specific Group(s) such as board members or those who have purchased a product

  • The file should be accessible to the public AND you need to track downloads

  • In any above scenario of who has access to a file, each download needs to be tracked (who and when)

If the needs for your file do not fall into one of the categories above, use Novi Files instead.

Important Note! Whether you use Novi Files or Secure Files, users can always download or screenshot these files and share them with others.

Private vs Public Secure Files


When a file is uploaded to Secure Files, you can choose to lock it down by default to logged-in users only (regardless of membership status) OR to a specific group.

Additionally, the file can be available to the public, however, please see the section below before creating a public secure file.

If a user is not logged in and tries to view a file with restricted visibility, they will be directed to the standard "restricted" message:


If a file does not need to be locked down to specific users and you don't need to track who views the file, we recommend uploading to Novi Files instead. Since Novi Files are automatically public, this will result in faster download times for the frontend users because the system does not need to check if the user has permission to view the file. Learn how to upload public files to Novi Files.

On the other hand, if the file can be viewed by anyone AND you want the system to track who downloads a public file (and when), you can upload to Secure Files and remove the default "logged in users only" setting.

Note that users who are not logged in will be listed as Anonymous in the View Log, so you'll be tracking the number of downloads vs. exactly who downloaded in this scenario.

Add New Secure File

Upload New File

If you've determined a file should be uploaded to Secure Files, follow the steps below to add the file to your site:

  • On the backend, go to Static Content > Secure Files

  • Click the Add Secure File button (top right)

  • In the "New Secure File" modal, click the Upload File button and select the file.
    Note: You can upload files in any of the allowed file types that are up to 20MB in size. For larger files, we recommend embedding the files into your Novi website or linking to an external source such as Dropbox or Google Drive.

  • Dial in visibility settings - Note that the default setting of "Visible to logged in users only" (checkbox) includes all users with a user account and does not relate to membership status. You can also lock down to one or more Groups, which is how you could limit access to members only, for example.

  • Friendly File Name - The friendly file name (FFN), is a piece of the URL of the particular file you are uploading that comes after Novi will auto-populate a unique FFN based on the name of the uploaded file.

Add Secure File to a Page

Adding a secure file to a page on your website is done a little differently than adding a typical file from Novi files. When adding a secure file to a page, you'll first want to copy the Full URL from the Secure Files page on the backend. Then, within your page, add a link as usual and paste that URL to link to the page. You cannot access secure files from the file folder in the frontend content editor.

Update Existing Secure File

If you need to update an existing file and you want to keep the same Friendly File Name (i.e. URL), follow the steps below to replace the file:

  • Go to Static Content > Secure Files

  • Find the file in the list and click the Edit link in the Action column (or click on the name in the first column)

  • In the "Edit Secure File" modal, click the Replace File button

  • If you keep the Friendly File Name the same, the system will update the file that opens when the link is clicked - Note: The user's computer could still cache the original version of the file, but it's less likely than if the file is uploaded to Novi Files

Secure File View Log: Track File Downloads

To see a list of who has viewed a secure file go to the Secure File View Log:

  • On the backend, go to Static Content > Secure Files

  • Click the View Log button (top right) to view the full log, or you can click the link in the Action column to see the log for a specific file.

The following information is available in the log:

  • Friendly File Name

  • Date/Time

  • Viewed By (includes link to member record)

  • Email

  • Parent Customer

Search & Filter:

  • Search by Customer Name or File Name

  • Filter by File Name (multi-select)

  • Filter by Date

List View & Download Options:

  • Download to PDF (printer icon)

  • Download to CSV (Excel icon)

  • Change number of rows in list view (gear icon)

Related Articles

Did this answer your question?