Question posted in 
I do not really want this available on the web interface and am content with having to ssh into the wordpress instance to do it, both to transfer the file in ( often large ) and to do the
"wp media import testinstaller.exe" command on the server
to do it. I would set permission on the file to root:? r–r–r–
This is for a password protected site used by beta testers to download test versions of a windows app from.
Thanks
2
Answers
You can’t upload executable files to WordPress.com sites, but you can upload and link them from sites that allow them, such as Dropbox or Google Drive.
Signing your NSIS installer is definitely the way to go! Unsigned installers are frequently flagged by antivirus scanners due to lack of verification of origin and authenticity. Here’s how you can sign your installer:
Acquire a Digital Certificate:
Your installer requires a digital certificate from a reliable Certificate Authority (CA) to authenticate who the publisher of software is. This electronic signature serves to authenticate who they are as well.
Utilize SignTool.exe:
Windows provides a tool called SignTool.exe in the %ProgramFiles%Microsoft SDKsWindows vX.Y Bin directory to sign files using your certificate. This can be found by searching your local computer hard drives for "Microsoft SDK X.Y Bin".
Integrate Signing Into NSIS Script (Optional):
NSIS provides commands such as instfinalize to sign your installer automatically during build time, making this an integral part of an NSIS script for automating this signing process.
Here are a few resources to assist in your pursuit:
Signing Windows binaries and NSIS installers: https://stackoverflow.com/questions/tagged/nisis For details on signing installers with NSIS, consult its documentation; look out for information regarding instfinalize and uninstfinalize commands (the most up-to-date documentation may differ).