| ||||||||||
Shopping cart software Solutions for online shops and malls | ||||||||||
|
X-Cart Home | FAQ | Forum rules | Calendar | User manuals | Login |
Tips on protecting eGoods | ||||
|
|
Thread Tools | Search this Thread |
#11
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
Yes I mean "above" public_html. So if your path was:
/home/httpd/domain.com/public_html/ You would store the files in: /home/httpd/domain.com/files/ You'd have to set permissions, change the listed file locations in x-cart, and maybe a few other server configurations for access, but I couldn't say for sure without trying it on your server and making changes until it works. |
|||||||||
#12
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
Quote:
I see what you mean, I just don't understand it ... ... a bit too technical for me and do you think it is worth the trouble? Do you or somebody else have any experience with this i.e has implemented this to protect egoods?
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25 X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie ----------------------------------------------------------------------------------------------------------------------------------------- Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info |
|||||||||
#13
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
It is the ideal method but just putting them in a folder above public_html i.e. /home/httpd/domain.com/public_html/store/files/ will work if you have an .htaccess file in it denying access to the files. It's just a bit less secure because the .htaccess could get overwritten or deleted, etc., opening up the files.
|
|||||||||
#14
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
Quote:
At this moment when you try to acces my 'http://www.mydomain.com/store/files' it's asking to login to my cpanel which -after me loggin in succesfully- results in a 403 forbidden page error ... secure enough?
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25 X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie ----------------------------------------------------------------------------------------------------------------------------------------- Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info |
|||||||||
#15
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
^ Yep.
|
|||||||||
#16
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
Thanks for the help Jon
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25 X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie ----------------------------------------------------------------------------------------------------------------------------------------- Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info |
|||||||||
#17
|
|||||||
|
|||||||
Re: Tips on protecting eGoods
The reason you want your files under the hood: in case someone or something breaks your htaccess, you still have one line of defense, as it is impossible to get to the goods without a serious breach of server security.
I had a store selling digital goods many years ago (no longer in that business) and we shut down for 3 reasons: 1. our goods were posted to warez sites almost immediately; 2. our site was used by criminals to test credit card numbers -- they never downloaded product... they were simply trying to validate their stolen credit card numbers, then went on to steal from others... the FBI told me this was quite common -- that digital goods stores were used for this; 3. chasing the bad guys became our primary focus, not developing new content So I shut it down. I licensed the content to another company, and now it's their problem. Yes, there are better technologies in place today, but short of copy-protecting your goods (serial numbers, dongle, install codes), the server level protections are worthless, if you ask me. Your products (if popular) will be kracked and uploaded somewhere if not protected. The idea of restircitng IPs is good. Tracking downloads, etc... all good... BUT if the content is unlocked, you're open to exploitation from the bad guys. Yeah, I'm angry that these crooks forced me out of business..... Had I copy protected the content, I'd have had half a chance, as my traffic was substantial. But chargebacks, theft and fraud consumed me and my guys. Yes, I blocked entire countries and range of IPs. But these crooks would get around that. They had CVV2 codes, exact billing name/address, etc... Copy-protect your content!!!!!! Don't rely on servers or IP addresses... the honest customer will understand. PS -- the alternative to copy protection is to NOT provide instant access to the egoods. Don't enable auto-capture... spend time and money manually verifying each transaction... then your anti-fraud processes will work. Unfortunately, if your product costs $15, you can't do that and stay in business.
__________________
xcart 4.5.4 gold+ w/x-payments 1.0.6; xcart gold 4.4.4 |
|||||||
#18
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
Great feedback carpeperdiem, very useful! I've send you a PM
__________________
Installs: X-Cart 4.1.x - 4.4.x ∙∙ MySQL version: 5.0.45 ∙∙ Apache version: 2.2.8 (Unix) ∙∙ PHP version: 5.25 X-Cart add-ons: all ∙∙ Mods: A lot; too many ∙∙ Skin templates: Many ∙∙ Experience: Somewhere beyond newbie ----------------------------------------------------------------------------------------------------------------------------------------- Looking for the best dutch language pack? 4.1.x - 4.6.x compatibel, native speaker translation! More info |
|||||||||
#19
|
|||||||||
|
|||||||||
Re: Tips on protecting eGoods
Quote:
Because serials, dongles, and install codes have never been cracked? |
|||||||||
|
|||
X-Cart forums © 2001-2020
|