Follow us on Twitter X-Cart on Facebook Wiki
Shopping cart software Solutions for online shops and malls
X-Cart Home FAQ Forum rules Calendar Mark Forums Read User manuals Login

Tips on protecting eGoods

 
Reply
   X-Cart forums > X-Cart 4 > Dev Questions > Changing design
Page 1 of 2 1 2 >
 
Thread Tools Search this Thread
  #1  
Old 11-15-2006, 03:11 AM
  Warwick's Avatar 
Warwick Warwick is offline
 

X-Adept
   
Join Date: Mar 2003
Location: Somewhere on the web through European connection
Posts: 868
 
Question Tips on protecting eGoods
Is there anybody who has tips on the best way to protect your eGoods? Or do you believe the standard X-Cart setup for eGoods is good enough?
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25
X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie
-----------------------------------------------------------------------------------------------------------------------------------------
 Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info
Reply With Quote
  #2  
Old 11-15-2006, 07:50 AM
  Jon's Avatar 
Jon Jon is offline
 

X-Guru
   
Join Date: Oct 2002
Location: Vancouver, Canada
Posts: 4,200
 
Default Re: Tips on protecting eGoods
There's nothing in the egood module that prevents people from posting a link on websites, message forums, etc. for download before the link expires. When I sold egoods (audio) I liked to watch my file not found errors and see who was distributing, usually a warning smartened them up and if not I banned them from the store. You could have some checking custom coded into the module to limit the number of downloads before they have to contact you for a new link.
Reply With Quote
  #3  
Old 11-15-2006, 07:59 AM
  Warwick's Avatar 
Warwick Warwick is offline
 

X-Adept
   
Join Date: Mar 2003
Location: Somewhere on the web through European connection
Posts: 868
 
Thumbs up Re: Tips on protecting eGoods
Quote:
Originally Posted by Jon
There's nothing in the egood module that prevents people from posting a link on websites, message forums, etc. for download before the link expires. When I sold egoods (audio) I liked to watch my file not found errors and see who was distributing, usually a warning smartened them up and if not I banned them from the store. You could have some checking custom coded into the module to limit the number of downloads before they have to contact you for a new link.

Thanks Jon,
Valuable information, do you have suggestions on where and how to store the eGoodies best protected?
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25
X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie
-----------------------------------------------------------------------------------------------------------------------------------------
 Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info
Reply With Quote
  #4  
Old 11-15-2006, 08:38 AM
  Jon's Avatar 
Jon Jon is offline
 

X-Guru
   
Join Date: Oct 2002
Location: Vancouver, Canada
Posts: 4,200
 
Default Re: Tips on protecting eGoods
If you have a dedicated server you can store the files below your root directory and then they are completely unaccessible except by a download link. Otherwise store them in a folder with an .htaccess file that blocks access to them.

By doing this you will prevent direct access and then you just need to focus on protecting your download links from misuse.
Reply With Quote
  #5  
Old 11-15-2006, 09:31 AM
  wjbrewer's Avatar 
wjbrewer wjbrewer is offline
Banned
  

X-Adept
   
Join Date: Feb 2005
Location: Pittsburgh, PA
Posts: 504
 
Default Re: Tips on protecting eGoods
Jon has given you a lot of good suggestions. I have a module that implements these extra security measures for egoods:

Limit to a single IP
Limit to the same IP that made the original purchase
Limit the number of download attempts (clicks).

Also, it tracks the IP of all attempted downloads, and let you have a real-time view of all of the egoods download activity on your site. It also has the ability to disable a download link if you believe that the download link is being used for unauthorized downloads.

You can check it out here:

http://www.alteredcart.com/Download-Expander-p-1.html
Reply With Quote
  #6  
Old 11-15-2006, 01:44 PM
  Warwick's Avatar 
Warwick Warwick is offline
 

X-Adept
   
Join Date: Mar 2003
Location: Somewhere on the web through European connection
Posts: 868
 
Thumbs up Re: Tips on protecting eGoods
Quote:
Originally Posted by Jon
If you have a dedicated server you can store the files below your root directory and then they are completely unaccessible except by a download link. Otherwise store them in a folder with an .htaccess file that blocks access to them.

By doing this you will prevent direct access and then you just need to focus on protecting your download links from misuse.

Thanks Jon, I figure I could store them below my store directory but can I then still access them through X-Cart? i.e. will it be able to see that?
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25
X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie
-----------------------------------------------------------------------------------------------------------------------------------------
 Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info
Reply With Quote
  #7  
Old 11-15-2006, 01:47 PM
  Warwick's Avatar 
Warwick Warwick is offline
 

X-Adept
   
Join Date: Mar 2003
Location: Somewhere on the web through European connection
Posts: 868
 
Thumbs up Re: Tips on protecting eGoods
Quote:
Originally Posted by wjbrewer
Jon has given you a lot of good suggestions. I have a module that implements these extra security measures for egoods:

Limit to a single IP
Limit to the same IP that made the original purchase
Limit the number of download attempts (clicks).

Also, it tracks the IP of all attempted downloads, and let you have a real-time view of all of the egoods download activity on your site. It also has the ability to disable a download link if you believe that the download link is being used for unauthorized downloads.

You can check it out here:

http://www.alteredcart.com/Download-Expander-p-1.html


Hi Bill,
Thanks but no thanks ... I already use all of your excellent mods
I just want to be extra sure that I have taken all possible precautions.
Warwick (a.k.a. Pieter, remember? )
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25
X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie
-----------------------------------------------------------------------------------------------------------------------------------------
 Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info
Reply With Quote
  #8  
Old 11-15-2006, 02:28 PM
  wjbrewer's Avatar 
wjbrewer wjbrewer is offline
Banned
  

X-Adept
   
Join Date: Feb 2005
Location: Pittsburgh, PA
Posts: 504
 
Default Re: Tips on protecting eGoods
Forum names...I never know who anyone is.
Reply With Quote
  #9  
Old 11-15-2006, 10:54 PM
  Warwick's Avatar 
Warwick Warwick is offline
 

X-Adept
   
Join Date: Mar 2003
Location: Somewhere on the web through European connection
Posts: 868
 
Talking Re: Tips on protecting eGoods
Quote:
Originally Posted by wjbrewer
Forum names...I never know who anyone is.

No Problem Bill, another chance to get your wonderful mods promoted
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25
X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie
-----------------------------------------------------------------------------------------------------------------------------------------
 Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info
Reply With Quote
  #10  
Old 11-15-2006, 11:29 PM
  Warwick's Avatar 
Warwick Warwick is offline
 

X-Adept
   
Join Date: Mar 2003
Location: Somewhere on the web through European connection
Posts: 868
 
Question Re: Tips on protecting eGoods
Quote:
Originally Posted by Jon
If you have a dedicated server you can store the files below your root directory and then they are completely unaccessible except by a download link.

Jon, can you explain a bit further? I don't have a dedicated server but do have cpanel access so I can get 'above' public_html. Is this what you mean? And if so how do I make it possible for X-Cart to access there? Thanks.
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25
X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie
-----------------------------------------------------------------------------------------------------------------------------------------
 Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info
Reply With Quote
Reply
   X-Cart forums > X-Cart 4 > Dev Questions > Changing design
Page 1 of 2 1 2 >

« Previous Thread | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
vB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT -8. The time now is 03:52 PM.

   
 
X-Cart forums © 2001-2020