allow amazon appears changed digital goods google help hosted issue link method number offer option page particular payment process processor provided purchases sellers service site sites support thank-you transaction web

If I have the download files on my server instead of your server is the link to the file still scrambled in some way?

Yes, download link still points to E-junkie. You file location is not disclosed.

Hello friends

Since i am new to all this i would like to know if anyone knows what are
external files and how are they used.

thanks
dkbprofits

External files are hosted on your own server outside of E-Junkie. It's up to you to make sure those files aren't freely accessible from the net, to stop customers bypassing your store and getting downloadable goods for free.

Not really sure how people go about securing these files though, other than turning off indexes etc, as it still has to be accessible to E-Junkie customers.

Hello Chris

This is from dkbprofits. I would like to thank you for your answer .
This will advise me to watch out and get a hosting server for files. Do you know of
a good host for this ?

thanks
donald

Are all the e-junkie external files links coming from the same IP address?

I'd like to do some IP blocking on a directory to protect the files. Thanks in advance.

You can use .htaccess .. something like

<limit GET>
satisfy any
order allow,deny
Allow from e-junkie.com
</limit>

<limit POST>
satisfy any
order allow,deny
Allow from e-junkie.com
</limit>

Simpler yet, just place your downloadable files in a subdirectory all their own, then place a blank "index.html" file in that directory to prevent directory browsing. :^)

When we issue a download link for an externally-hosted file, the link itself appears and works exactly the same as if we were hosting the file, with the same access control, unique ID and link attempts/expiration settings. The only difference (without getting into too much boring behind-the-curtain details :^) is that the link triggers a download stream from your server, through our Web cache, then to the buyer, so the file appears to be coming from our server rather than yours. At no point is the buyer ever exposed to the "real" static URL of the file on any server, nor can they tell the file was even remotely hosted, nor is there any way they could analyze the link or download process to discern the location of other files or access any files they did not purchase.

Hey thanks for the ideas!

E-junkieChef, what's the IP for e-junkie.com? I tried using the code you sent and it didn't work. My hosting co didn't think that 'allow from' worked with domain names but only IPs. Is this correct? Also, will htaccess protect against direct URL access and well as links?

Tyson_N, that sounds like a great idea, I just want to have something in place just in case someone gets a direct URL path to the files. I guess if I prevent directory browsing, and there are no links to these files on my site, and you guys never show the URL, no one would ever get the URL in the first place, but hey, you never know.

raypryorwhat's the IP for e-junkie.com? I tried using the code you sent and it didn't work. My hosting co didn't think that 'allow from' worked with domain names but only IPs. Is this correct?

Our IPs you'll see usually are 208.104.6.148 - 208.104.6.155, but this does change and if you enable reverse lookups on your host, the directive I've provided will work.

raypryorAlso, will htaccess protect against direct URL access and well as links?

Yes

Btw, I've edited my original post to remove www. from www.e-junkie.com

I've read the 6/3/08 post as set out below. Will this process work OK for the following:
I have a webpage that is the first download after someone purchases my product which consists of written and audio instructions and forms. On this webpage are links to other files which contain word or pdf forms which the purchaser can fill out and print. I'm a little confused but would like to use the easiest process that will also provide some protection for my digital products.

I've been signed up with E-junkie for several months now but have'nt figured out how best to use the system for my product. Any help would be much appreciated.

Thanks

Simpler yet, just place your downloadable files in a subdirectory all their own, then place a blank "index.html" file in that directory to prevent directory browsing. :^)

When we issue a download link for an externally-hosted file, the link itself appears and works exactly the same as if we were hosting the file, with the same access control, unique ID and link attempts/expiration settings. The only difference (without getting into too much boring behind-the-curtain details :^) is that the link triggers a download stream from your server, through our Web cache, then to the buyer, so the file appears to be coming from our server rather than yours. At no point is the buyer ever exposed to the "real" static URL of the file on any server, nor can they tell the file was even remotely hosted, nor is there any way they could analyze the link or download process to discern the location of other files or access any files they did not purchase.

The most secure method of providing downloads for your product files would involve letting us handle the download-delivery fulfillment. Our system only issues download links to the buyer after the payment processor (PayPal/Google/etc.) confirms the buyer's payment was good and completed. Our links are unique to each transaction, only good for the files the buyer purchased, and only for the number of attempts and expiration time period you specify.

Just configure your products with the File Download setting enabled, then upload your file for each product. If you are on a subscription plan of at least $18/mo, you also have the option of hosting your product files remotely, on your own server rather than ours. In either case, our download links would work the same way, with all the same access-control and expiration settings, and our links would conceal the "real" static URL of your files, so those URLs cannot be passed around the Internet nor used for unpaid access indefinitely.

If your product consists of several files, you can combine them into a single archive file using a program like WinZip, and offer that file as your download. If you have several products that you also want to offer together at a special price as a "package deal", you can use our Package Products method:
http://www.e-junkie.com/ej/help.package.php

Tyson & Chris,

PLEEEEASE gimme a few tips pn the best external servers for storing downloads. I read where someone stated Dreamhost. I just want one of those sites that is JUST for me to upload my ebooks/mp3s to in a point & click fashion, keep that link private and have a static link I can use when creating a new product. Been researching for hours and I am pulling my hair out;)

Dreamhost is a good site and if you use the code EJDOLLARS you should get a year free. Another good one is Mediafire.

I just moved my files to a paid MediaFire page. Does anyone know the best way to keep the files secure? For example, should I put all my files in a folder that is not shared but keep the files themselves shared? Thanks for any help.

We're not familiar with MediaFire's options in particular, so you should probably contact their support team for advice, and possibly refer them to the Remotely Hosted Downloads section of this help page so they can understand how your files will need to be accessed:
http://www.e-junkie.com/ej/help.file-downloads.htm#remote

Your files will only be accessed by our servers at e-junkie.com, so if they have some way to only allow connections from a specific domain, that would be good. You may be able to set things so the files can only be accessed by direct URL to the file itself, rather than having a "download page" accessible to the public. If they allow you to set up "HTTP authentication", then you could set up your products with a Remote Product File URL like this:
http://username:password@something.fileserver.com/path/to/your/ file.ext

Actually, as an update: I am familiar with MediaFire's service. Ninja mentioned it in a year old post in this thread, but since then we've discovered that even their premium service will not provide direct, static links to your files that you could plug into E-junkie.


They are a popular service otherwise but they just won't work for files you want to host remotely for E-junkie.

Do you have a suggestion for a good service for hosting the files?

Thanks

Most folks just store files on the same server where their Web site is hosted, and our promo code EJDOLLARS for Dreamhost should still be valid, even if you're only using them for cheap remote file storage without hosting your actual Web site.

If you're concerned about bandwidth transfer charges, we do cache your file after the first completed download and just deliver future downloads for the same file from our cache (after we first check to verify that your remote file hasn't changed), which minimizes transfer bandwidth usage for you and us both -- see more details here:
http://www.e-junkie.com/ej/help.file-downloads.htm#remote

I think a few of our sellers store their files with Amazon S3, which is what we also use for our own long-term file storage and download needs. As long as the host you choose can provide a static URL directly to the file itself, that never expires, and can be accessed by a server script (rather than needing to be accessed by a Web browser), it should work fine for us.