1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

If you are SERIOUS about protecting your ebooks and download pages, then jump in!!

Discussion in 'White Hat SEO' started by Blackhat_Boy, Feb 5, 2010.

  1. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    To protect and secure your eBooks and protected files from getting indexed in Google and other search engines, follow the steps:

    1. Create a separate folder for the files you want to protect on the web server in the public_html directory. You can place eBooks, reports, videos and other downloadable stuff in that folder. Let us call this folder 'download'.

    2. It?s time to protect the index page of the folder we created. We create a blank html file and save it as index.html and upload it to the 'download' folder on our web server.

    Now, if somebody tries to access the 'download' folder on our web server, all they will see is a blank screen.

    3. Now, when we upload books, reports, etc to that folder, its name should be kept descriptive and its name should be succeeded by some random characters.

    Eg.: Suppose the name of the book is 'Affiliate-Army'. When uploading to the web server its name should be changed by adding some random characters at the end like 'Affiliate-Army-1xr98.pdf

    Adding random characters at the end will make it impossible for thieves who try to steal by guessing the name of the eBooks in the URL.

    4. Similarly, rename the download page so it would become impossible to guess.

    Eg.: download-5g6h3.html
    thankyou-b125pk.html

    5. Add the following code to the source code of the download page after the <HEAD> tag.

    The content should look like this:
    <HEAD>
    <META name="robots" CONTENT="noindex, nofollow"> (This line is to be added.)
    <TITLE>.......</TITLE>
    </HEAD>

    This code tells the search engines to stay away from your protected stuffs.

    6. Delete any old download pages from the web server. The only place to have the eBooks, reports, etc and the download page is the 'download' folder we created earlier.

    7. Now, the last part is to add a robots.txt file. Create a new text file and name it as robots.txt

    Type the following in the file:
    User-agent: *
    Disallow: /download/ (this is the name of the folder we created)
    User-agent: Googlebot
    Disallow: /*.pdf$ (this is the extension of our eBook or reports)

    Save this file and upload it to the root of your web server.
    The location of the robots.txt file should be as follows:
    http:// yourdomainname.com/robots.txt

    This robots.txt file tells the search engines to stay away from your 'download' folder and the pdf's.

    You are done now.

    Before using the new setup, test it by placing a test order to make sure everything runs smoothly.

    The above setup can prevent most of the thefts.

    But this system is still not fool-proof. The theft might continue with people sharing your eBooks with others by uploading it to file-sharing sites or by giving put your download URL. But this is the least we can do to protect our hard work.

    Other solutions to prevent thefts are:
    -- Password-protecting downloads pages.
    -- Password-protecting eBooks.
    -- Zipping pdf's into zip files as zip files are not indexed by search engines.

    If you haven't followed the above steps, chances are that your download page and eBooks will be indexed sooner or later.

    You can check to see if your eBook or download page is indexed by typing the following code in Google:
    site: yourdomainname.com

    This setup might look very basic to some but there are many others who need it and will benefit from it.

    Edit: If you have some money, buy DLGuard or similar scripts. It will make your life much easier and will secure your data much better.

    Regards,
    Blackhat_Boy..
     
    • Thanks Thanks x 2
  2. corbin2

    corbin2 Registered Member

    Joined:
    Jan 16, 2010
    Messages:
    66
    Likes Received:
    41
    If you are serious about protecting your products, you should invest your money in tools like DLGuard.
     
  3. speedy5044

    speedy5044 Regular Member

    Joined:
    Jul 29, 2008
    Messages:
    456
    Likes Received:
    993
    Occupation:
    IM
    Anyone who type "yourdomainname.com/robots.txt" can see the folder you trying to hide and access it;)
     
  4. kubel

    kubel Jr. VIP Jr. VIP Premium Member

    Joined:
    Oct 30, 2007
    Messages:
    231
    Likes Received:
    332
    If you are really serious about the safety of your product never keep download files in the same place/folder/account/server as the sales page. Rename the Download folder and download page so THEY DON'T include words "download", "thank you", "thanks" or the name/title of the product at all!

    Finding download-5g6h3.html or thankyou-b125pk.html is as easy as finding download.html or thankyou.html
     
  5. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    I have already mentioned that..
     
  6. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    I am using this method myself. And till now nobody could access my downloads because of the robots.txt file.

    After typing the url you mentioned, the person would reach the download folder, but wont be able to access the downloads because of the steps 3 and 4 I mentioned.
     
    • Thanks Thanks x 1
  7. whitehatchick

    whitehatchick Newbie

    Joined:
    Dec 5, 2009
    Messages:
    2
    Likes Received:
    0
    There's an identical post on the Warrior forum, is that your post?
     
  8. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    If you feel that is so easy, then can you find the download page of bloglockdown.com? It uses just the mechanism I described. Let's see how easy it is..
     
  9. Blackhat_Boy

    Blackhat_Boy Newbie

    Joined:
    Oct 2, 2009
    Messages:
    48
    Likes Received:
    235
    Yes, that me..:)

    I found this community rather late, but I love BHW!!!

    Regards,
    Blackhat_Boy..
     
  10. GreyWolf

    GreyWolf Executive VIP Jr. VIP

    Joined:
    Aug 17, 2009
    Messages:
    1,930
    Likes Received:
    5,389
    Gender:
    Male
    Occupation:
    Artist / Craftsman
    Location:
    sitting at my PC
    This is the same solution I gave on another thread about the same thing.

    This method uses a php script, but it is easy to setup. I use a free membership site script (phpAutoMembersArea). I modified the signup and login pages so that where it originally said 'joining' the 'membership site', now it says 'purchasing' the 'files to download'. Set it up for paypal payment and autoactivate, then when the customer purchases the file (ie. join the site) they fill out the customer info, are sent to paypal to pay, then paypal lets my site know the payment cleared and my site sends an email to the customer with login info. You can set the membership site up for the account to be active as long as you want. a day, few days, week, month, whatever.

    What it means though is that if someone orders from your site and then passes the info on to others, they will only be able to download for as long as the account is active. To Download the file they will need the account and password the script setup for them. So, you can even check your logs once a day and if you see logins from many different ips for the same account, you know it is being abused. you can suspend the account and end it there. email the account holder if you want to, or just let it go.

    I'm sure this is probably a nonstandard way of dealing with this but it works well for me. I was selling a cd of files, using this method I set up the membership site to offer the files on the cd for digital download eliminating burning the cd and shipping. The files are in a secure directory so no worry about the download link being given out.

    I'm not sure what the cost of DLGuard is, but the membership site solution I use is free. You can register the script if you want, for something like $10 for 2 years or something like that which keeps you updated, but it isn't required.
     
    • Thanks Thanks x 1