I've recently delivered 3 projects related to secure PDF generation on the fly, and thus I'm in a good position to advise you on this matter.
How are the PDF links being stored by your website? Are the links stored in a database? In that case, you can make the PDFs password protected, and add the password in the database along with the PDF name. When you are generating link for download, show the password to user, or better send it to them over email. The password should be different for each PDF, so that even if one knows the location of the file, they cannot unlock the file.
The best practice in this regard would be to generate the password protected version on the fly, with password same as the user name. This will create a disincentive for user to share the PDF with others over email and other media, as their user-name will be exposed.
If you like my advice feel free to create a suitable milestone towards advice fee (min 5$ will be deducted by FL as commission charges) and award the project for this advice.
I can also develop the custom script for you, as a separate project, or as a new milestone to this project.