Thank you all for listening. I've designed both my sales copy and a thank you page for my ebook, but am unsure how to securely offer the download from my thank you page. I've seen a couple of possible solutions: securing the ebook itself with password protection, some cgi programming that clickbank recommends, pay a third party site to host the product, etc... What method works best for you? Thank you again for your help. James
To be honest, I would say its pointless to protect your download page apart from the normal META Noindex, Nofollow tags. Think about it... the people who are going to essential "steal it" and then share it aren't going to buy it anyway, so its not like you will lose sales. It's just not worth the extra hassle.
I don't use anything, although I will probably be moving towards expiring download links (after checking valid return values from CB) soon. I've also considered fingerprinting my ebooks so I can tell who's distributing it. All you've got to do is secretly encode the CB receipt somewhere in the book with some code on the server and you can always tell who bought that copy. If it's found it's way onto a torrent site, you know who is responsible. Actually, I might even just put a warning to that effect on the download page. After all, who'd know the difference?
TGR, how the heck are you distributing? E-junkie has download links, and you can customize how many times and attempts they can download the product. Also, they allow for stamping of your E-books. That is, when someone purchases your product, their name will be stamped on their copy. This deters distribution.
I can hack any thank you page that shares the same domain with the sale page. I would recommend getting another domain for your thank you page!
@onlinemoniez: ejunkie is OK, but I'd rather roll my own. It will end up being much simpler than integrating some third party. Clickbank already provides most of the code necessary to validate orders. Doesn't take much skill... buy, then refund. Et voila. No amount of security will protect against that.
TGR - Do you manually distribute your E-books once you validate the order? I'm not sure what you're saying, but I would be interested in hearing your methods. Thanks!
No disrespect, but I don't believe in this "common wisdom" at all. It varies quite a bit from niche to niche, and even from product to product, I dare say, but in my opinion it's perfectly possible that many people who steal a download would otherwise have bought and paid for it. It depends what it is.
Use expiring download links. I am testing my PayPal/Aweber integration script right now (not yet available). It validates the payment using both paypal PDT and IPN then gives them a 24 hour download link. The download link logs downloads with time, IP, etc. The thing is, like TGR said, pirates will simply buy your product then refund. Then they post it on torrent sites just to get a pat on the back. The worst ones use stolen credit cards to buy your product. But you barely have to worry about that. Look at the top 25 products on clickbank and tell me how many you can find for free on torrent sites and rapidshare. Wanna know something ironic? The ones you REALLY have to worry about stealing your product are right here in this forum. They want it so they can clone it and sell it themselves.... You know who they are. Their the ones that ask for a review copy of every new product that launches here. You can also find their IPs snooping around your site looking for thankyou.html and getting 404 errors.
I think using ejunkie is the best way to safeguard your ebook download. Ejunkie offers upto 5 downloads per link and because of it, people cannot share the ebook download link. However, if you want people to keep your ebook discreet, you will have to use additional tools to make access available to only your buyers. Not only that, there has to be something that people find is to be kept secret & confidential for their own benefit.
Do you know of a way to prevent your buyers from sending a PDF they bought to anyone else they like as a simple email attachment?
I just set it up in PHP real quick, it's simple. 1)user comes to thank you page from CB, CB has provided transaction data. 2)Thank you page confirms the CB encrypted data and if valid, offers the download link. 3)Everything checks out, user downloads the file (via a separate downloader which logs the download and transaction info) 4)Downloader logs the transaction and the download, and invalidates all codes associated with the transaction. One time download, the product files are not accessible directly via the internet (they are located outside of my web root) and all downloads are logged so i have an IP record of every download. Took about 20 minutes to set it up from scratch, since it's logging stats to disk instead of to a database. If you are selling a script or other text-based file it's easy to add transaction data on the server end before the download, too. Encode the customer's transaction data into a comment or other unobtrusive area of the script ( where it's not immediately obvious) and you're "watermarked". EDIT: Wow, I read this thread agin, you guys really just throw your products on your server and hope that no one notices?