Hi,<BR><BR>I have a folder under my wwwroot folder called 'docs'. Which contains Word and other documents. All users my log into the site via its own login system. When a user tries to access a file in the docs folder I check their credentials within the applications own login system. This works ok. However if a user was to type in the full path to a document they can get access as they bypass the login system. Is there a way that I can make this secure?<BR><BR>Thanks in advance.