X-Cart forums - View Single Post

carpeperdiem · #17 11-17-2006, 05:10 AM

The reason you want your files under the hood: in case someone or something breaks your htaccess, you still have one line of defense, as it is impossible to get to the goods without a serious breach of server security.

I had a store selling digital goods many years ago (no longer in that business) and we shut down for 3 reasons:

1. our goods were posted to warez sites almost immediately;
2. our site was used by criminals to test credit card numbers -- they never downloaded product... they were simply trying to validate their stolen credit card numbers, then went on to steal from others... the FBI told me this was quite common -- that digital goods stores were used for this;
3. chasing the bad guys became our primary focus, not developing new content

So I shut it down. I licensed the content to another company, and now it's their problem.

Yes, there are better technologies in place today, but short of copy-protecting your goods (serial numbers, dongle, install codes), the server level protections are worthless, if you ask me.

Your products (if popular) will be kracked and uploaded somewhere if not protected.

The idea of restircitng IPs is good. Tracking downloads, etc... all good... BUT if the content is unlocked, you're open to exploitation from the bad guys.

Yeah, I'm angry that these crooks forced me out of business.....

Had I copy protected the content, I'd have had half a chance, as my traffic was substantial. But chargebacks, theft and fraud consumed me and my guys.

Yes, I blocked entire countries and range of IPs. But these crooks would get around that. They had CVV2 codes, exact billing name/address, etc...

Copy-protect your content!!!!!! Don't rely on servers or IP addresses... the honest customer will understand.

PS -- the alternative to copy protection is to NOT provide instant access to the egoods. Don't enable auto-capture... spend time and money manually verifying each transaction... then your anti-fraud processes will work. Unfortunately, if your product costs $15, you can't do that and stay in business.