Jacques - I understand your frustration, but I was able to download a software product with a 'secure' URL without the other product. There are step by step instructions on how to do this in the documentation.

My problem is that this 'secure url' still works if you are not logged in. The only security is the hiding of the actual file location, not the file itself. I think this may be solved with forcing https - but your server has to support this mode.

R

If I'm guessing right, not even then.

Once you're logged in the site, you're in https mode, if activated.

The link makes no attempt to limit file access to a particular user or time period.

Even adding a role to the file is to generic. Enyone who has that role can download the file.

So...a unique role for EACH product? It's rediculous, but workable...barely...not really - imagine 1500 products and thus 1500 roles?

You said "Using the DNN file manager create a "Secure File System" folder to store your electronic products. The files within this directory will have .resources appended to the filename."

No they don't

I uploaded zip files to a secure directory, and they have had no change to their file name by putting them in the secure folder.

Do I have to add that extension to the files manually myself?

Hi Guys,

You can utilize the DNN LinkClick.aspx file processor to actually serve the file up when it is needed which makes it possible for you to set the file view permissions to restrict the viewing to just authenticated users or any other selected role. This provides a means for you to protect your important data.

The Gatekeeper Download Manager is a companion program developed to work with Smith Cart and provides additional levels of security for your electronic products.

Thanks,

Jacques,

While there isn't a practical solution on how to stop piracy 100%, there are some solutions that can help you at least reduce piracy. SmithCart as a module running within the browser, DNN, IIS and WIndows has done everything in our means to secure soft products sold which are as follows:

1. Smith Cart fully supports secure url‟s for your downloadable products that hide/mask the url from the user. The cart will prevent the user from locating the download url using the following methods:

• Cart uses server side code for generating download url so the product url is fully hidden from the user.
• Prevents download url from showing up in the browser status bar when user hovers their mouse over download button.
• Prevents user from getting the download url by right clicking on the download button and clicking properties.
• Product download url is not visible in browser source.

2. The auto generate guid provides additional security features for preventing piracy of your downloadable products. When this checkbox is checked the cart will automatically generate a unique GUID and add the GUID to the end of the download url.

3. Smith Cart works in conjunction with the DNN Secure File System feature where a folder that is created as a "Secure File System" folder within DotNetNuke is a folder that will still store files in the logical file structure that you layout, however, the files within this directory will have .resources appended to the filename when it is saved. This method prevents any person from linking directly to those files as ASP.NET will NOT serve .resources files to a remote browser. You can then utilize the DNN LinkClick.aspx file processor to actually serve the file up when it is needed which makes it possible for you to set the file view permissions to restrict the viewing to just authenticated users or any other selected role. This provides a means for you to protect your downloadable products.

4. The Gatekeeper Download Manager is a companion program developed to work with Smith Cart and provides additional levels of security for your electronic products.

Features include:

• Anti-piracy features for electronic products
• Velocity Checks - number of times and/or number of days to allow file to be downloaded by a recipient
• PDF Watermarking/Stamping - Stamp every page with pre-defined fields from the order. Stamps are secure and cannot be removed.

Smith Cart (SC) has been programmed with all the security mechanisms available today to protect your downloadable products and while still operating within the contraints of the web site sandbox imposed by IIS and Windows.

The items listed above help to secure the url, file system and the url to your downloadable products from being shared but it doesnt stop a customer who has purchased and downloaded a soft good from sharing the the product from another web site, pirate bay or one of the file sharing networks available on the internet today.  I understand that your goal is to prevent people from "pirating" your product, and you want to prevent it from being distributed without being purchased. However, I believe you are not seeing the broader picture. For example, lets say the download URL is fully encrypted or masked, and the product has been purchased and downloaded by a customer, what kind of measure is taken to prevent them from redistributing it to their friends, posting it to their own online store or uploading it to file-sharing software and sending it around the world? As more piracy occurs, anti-piracy techniques evolve. When an application has a serial code to unlock the software, that key can spread on the Internet, allowing theft of the application. These are all problems that virtually every Corporation, Company, or Distributor selling downloadable products or software faces. The responsibility of securing the actual products ultimately lies with the vendor and not the module used to purchase these items, or the CMS software the module is installed on.  Ultimately, to prevent piracy of your soft goods a licensing mechanism needs to be built into your electronic product to prevent piracy.  Merchants selling soft products have several options to protect their intellectual property from thieves, the most widely used method is the license key; code that is built into an application to require a valid key to unlock the software. This key can be distributed via packaging or some other online mechanism. There are a variety of tool kits available to allow corporations to easily build this capability into their products. Just search the Web for "software licensing toolkits" and you'll be busy for a few days wading through options.  If you are selling ebooks, pdf's or electronic documents watermarking, expiration dates and other security mechanisms are available to limit access to the person who purchased the product. There are shopping carts on the market today that include these kinds of licensing capabilities, offering an end-to-end method for everything from hosting a store, to distributing software, to managing licensing keys (so you don't have to).  But be ready to part with a percentage of your sales for that privilege.

Thanks,