Security wise, is it enough to deny access to a folder container sensitive CSV files via Apache or is it much better to just have the data in a database?
The CSV/database files would be used to populating html tables per user per date.
I thought it would be simpler to organize by just uploading CSVs by date and user VS populating a complex database but I don't want to jeopardize security.