Basically I want to sell an ebook. That means after payment through PayPal, I want to send people to a page in my site to download the file from. Obviously I don't want that page indexed, so I should have a robots.txt file, right? But then the robot.txt file is available for public viewing and anyone with half a brain can see where the file is anyway. Any thoughts?
One option would be to use the service by www.e-junkie.com ($5/mo.) which allows you to send your ebook buyers a secure link for the download.
Yes. If you did have a static link, then it wouldn't get indexed if you didn't post links to it. The problem is anyone could post the URL and everyone could get free downloads. The best option is to have a dynamic download solution where after a file has been downloaded it is deleted, so it is safe, e-junkie.com offers a service like this, but I also think there are some free ones.
It's not very difficult to write a dynamic filename system for downloading. When someone pays, generate a long, random string and then generate a URL that looks like: http://www.domain.com/download/abe7214ab3babd90ef20afdb290af/my-fancy-e-book.pdf Then you need to have you script either create that folder and put the e-book inside it or, better still, create a rewrite rule that uses a PHP file to verify the customer before sending them the e-book. RewriteRule ^/download/([a-f0-9]{32})/my-fancy-e-book.pdf /download/download.php?id=$1&file=my-fancy-e-book.pdf Code (markup): In download.php you check that the customer is logged in (give them a redirect to an error message if not), check that the download id code is the same one you stored for them when they paid and, if both of those match, then send the appropriate PDF headers, read the e-book in and echo it to them.