I really fought with myself on whether or not I should post this however I feel it is truly important to help other vendors whenever and however possible with respect to securing their products (and to build a positive rep among all of you). Going through my traffic & BW stats, I've recently noticed some scammers finding their way to my products via a little known exploit, what's worse is I've seen DP members 'selling' this intel within a report for $3, and this may well explain how some people claim that they give you a CB product as a bonus when you buy theirs or through their links... So, PLEASE do not abuse this - I know I'm giving away information here that many will go nuts over, however more importantly, I have personally seen at least 5 vendors products that frequent this section where I could have downloaded their products free. ALEXA: http://www.alexa.com/search?q="a charge from clickbank or CLKBANK" Why does this happen? ClickBank makes you write 'you will see a charge from clickbank on your bank statement'... etc., meaning all a person has to do is search for that specific phrase within alexa, and it will pull up everyones thank you page. Most people protect that page with a login or opt-in, still easy to bypass which I won't share here... How to protect yourself? Create an image with the words instead of typing them right on the page. Hoping this doesn't cause too much s#!t around here, and will finally make vendors and CB open their eyes to their own weaknesses... PROTECT YOURSELF, i'm sure there will always be more ways, as another is to do an alexa search for "site:yoursite.com" and it pulls up ALL your pages. Add 'NO FOLLOW, NO INDEX' tags to your thank you pages. Add a log in or optin to track those accessing the page. Once a month or twice a month change the filename of the thank you page and of your .zip or .pdf files. Thank you, and again please do not abuse this, instead warn other vendors and get them protected. The more weaknesses there are, the more we ALL lose to the shifty and scummy people out there looking to exploit our efforts. Norb.
Oh Boy this is a dangerous topic... I went to and found access to a very high cost product...unbelievable! How did you discover this loophole? You shoud delete this thread man. Some persons will be exploit this. I was browsing I found this on your site... Thanks for the I.P If you came here through a search engine - please visit the homepage. I believe all vendors should be notified ASAP.
NCMedia, Bringing up this loophole has it's benefit's for the future. Unfortuneatly a lot of lurkers, or even SE traffic is going to find this post. Bringing to attention a problem in the industry is a great way to get it fixed. Although at the same time, it may piss off a lot of people. Just like new exploits in the security field, people find exploits and post them so the vendors will actually take care of the problem at a quicker pace. I wouldnt be pissed at NCMedia for posting this. Getting a pdf, wmv, zip file from clickbank vendors is way too easy. I believe clickbank needs to step in with a new standard. I know their are free tools, source, and the like for this but maybe clickbank should provide it??
This topic got me in the spying mood so I went lurking around a search engine and just typed "google asssassin download" just to be curious and there is someone who posted the page to get full access to GA. I read his blog and it seems like he is pissed as he did not satisfied with the product. So there will always be people who give away download pages or links even though they have paid for a particular product or service.
Trust me I'm still fighting myself on whether or not I should keep this up here - HOWEVER - Sometimes things like this need to happen for the powers that be to notice - If I get flamed, so be it. People are actually SELLING this information in reports and ebooks and monetizing not on products BUT on loopholes. I'm sorry in advance, I'm going to keep this up here for at least a while longer, and hopefully enough lurkers upset enough vendors, that clickbank will get a lot of slack or have no choice but to notify all vendors of this and how to protect themselves... I'd hate to think that they don't care, however am far fetched to believe that they don't know about this yet... Onwards and upwards. NC.
there is another method of finding free products even if the text is an image. Im not too worried about this thread as I have protected myself, but hopefully other vendors see this topic and make some changes.
I would personally ask that you share this other method with vendors or post the general idea here so ppl can protect themselves from any/all angles... There are always going to be ways where you cannot protect yourself, even if you try i.e. downloading a whole site, whole I.P. and all its content, doing a .zip or .pdf search etc. and if there are more please share.
Thanks a lot for this post. I am currently creating my own product for CB and need to look into the protection of the sales pages. I have heard there is a file you could add to your page which hides it from Search Engine... Has anyone heard of it?
There's a simple way for CB publishers to give 100% protection to their download pages. Use the Secret Key on your site set-up page and put the ClickBank Security Script on your download page. That's a link to CB's FAQ about the security script. It tells you exactly how to do it. There's really no excuse for any publisher not to use this.
All true. And if you check your Google Analytics on a regular basis, you will find users searching for other *sneaky* ways to find your files. Anyone remember when Wicked Fire was giving away all these ebooks for FREE? It's a crapshoot. You do your best at protection, but there's nothing you can do if someone wants to copy your file and give it to a friend. Or to many friends.
good stuff this was my main concern when i created my ebook. Think about it you bust your ass putting it together build a site only to not put the effort in to protect it? I used ejunkie and got three months for free just by searching google for "ejunkie promo code" People get two chances to use a download link then thats it that link expires. Now just to get some sales going.....
thats why i totally and without any hesitation recommend DLGuard !! People will share URLs and they will steal....and yes, the above method is nothing new.
whow...just whow...i cant understand merchants not encrypting their links and/or spend a little money on things like DLGuard. Once i made my first few sales since i was told my product was spread on the web already on warez sites minutes after i released it. It was a total nobrainer to spend the $120 on DLGuard.
Ok guys, I am in the process of creating my product and here is what I need to do. After the payment, the user is given a username and password to access the product - the product cannot be downloaded and will only be available online. How do I protect that?
I definitely agree with the No Follow, No Index META tags to protect your pages. But also use PHP forward variables so if someone just randomly types in your download page URL, they will get a message that they've arrived from the wrong source.