Okane

How do you protect your "media" files (ebooks, pdf files) when using the wishlist plugin?

I know how to protect posts, categories and pages... but not the actual downloadable content.


Marc

rahulchandra

Here you go:
Go to wl member>settings>Do you want to automatically protect content by inserting the "more" tag if the "more" tag is not inserted into any post?>select yes >specify after how many characters you want the more tag to appear..

This way free members can look at the intro and and only paid/subscribed members can click on the more tag to view the whole post( which would contain download links to the media you want)

for this to work you need to enable default protection, its right below the
"more tag" option I mentioned earlier>set it to yes, and your blog is secure.

Now lets say you have three membership levels then you can specify which level will be able to see the data while you are writing the post itself> scroll down to the post till you see wl member> then select /deselect the membership levels you want to have access to the content of the post.

That's it!
Hope it helps
Rahul

Okane

Thanks Rahul,

I learned something new...

But the problem still exist. Maybe I should have explained it more clearly.

If I have a blog post at www,myblog.com/member-post1, then I can easily activate protection for this post. This means, if a non-member visits this URL, he/she will be forwarded to the "you are not a member" page.

That's what I call protection.

Now, if in the blog post I mention a download link to a pdf, something like "And here's your exclusive ebook:
www.myblog.com/wp-content/uploads/ebook.pdf"

If a non-member visits the above URL (to the ebook), then the download works, i.e. the media files are NOT protected. This is very bad.
Scenario: member send the download link to all his friends...

So, can this be done in wishlist?

I'd like to post lots of exclusive pdfs for members and I don't want these links (to the pdfs) to work for non-members.


Marc

rahulchandra

That's what the more tag is for,
what I usually do is give them an introduction
first then introduce the download links after a few lines,

if you set up wl member to automatically set more tag
after a certain amount of characters then the non members
can only see the unprotected part of your post
whereas authorized members can see the whole post when they
click on more tag..

to be on the safe side the value to 5-15 characters so that
non members only get a glimpse of what the content is about
and not the whole content.

That should do it

What I don't understand is this if you have protected the whole post
and a non member get a redirection when they visit, how will
they know what the url to the download is in the first place?

Although what I can gather from your post id that you are more concerned about if a member passes the download url to non members and they freely download the stuff, am I right?

You can prevent this by doing the following:

Instead of posting naked urls in your post you could post
a cloaked/ hyperlinked url, and then make the download location
obscure and not easy to remember(Since I don't think freebie seekers will take the time to write down the location of a hyperlinked url by looking at the bottom of their browser)

Then to further ensure the security of your membership
you can restrict the ip logins in wl member, to say a minimum,
that would prevent your users to share their login details
because the system will automatically block their access
after they attempt to login from different ip's

(This strategy however can backfire, since many people use proxies, so you might you deal with annoyed customers without access)

If all fails use double cloaking with tracking,
for ex
1 make your download location impossible to remember

then use free url tracking services like bit.ly to shorten the original url

then use a hyperlink in your post which directs to >bit.ly which directs to> your original download location.

This would enable to keep track of how many downloads there have
been and other important user details which bit.ly provides.

By taking this extra step you are now totally secure.

And if it all fails, then accept it and move on, people will always
leak stuff, people will always try to get your stuff for free, its all part of the game..

Hope this helps!
Rahul

WCF

Within a post, you can protect any segment of content with the [private_level][/private_level] set of tags. Be sure to replace 'level' with the title of your membership level.

So that anything between a set of [private_gold] and [/private_gold] tags would only be shown to Gold level members.

The only thing I'm not sure of is how to make this content available to multiple levels. For example, if I have Silver and Gold members - how do i protect it from the public, but make it available for both member levels.

revivetv

Okane,

I am wondering about this exact issue. Solutions thus far offered are too much hassle, and don't address your question.

On wishlist, it is my understanding that if someone just passes along the URL to your pdfs, or my vids, then someone without a membership can access them. I have searched extensively regarding this but I think this is the case.

We all know in the internet age someone may pay for the membership but then post the links to the premium content pdfs, mpegs, etc and others will access them.

I have read that memberwing has something to combat this.

Have you come to a solution?

WCF

I'm using the Download manager plugin, which features a "Member only" option, plus cloaks the links.

I have not tested this in the wild, but what I read says it works.

revivetv

Yes I have been testing out download monitor also but the problem remains.

Download monitor (DM) doesn't protect the file at the source, on the level of the FTP.

Say a paid member clicks on the DM-provided download link (the one that ends in /?did=1 or /?did=# where the # is the DM id number). If they have the right membership level then they are taken to the actual URL of the file, and the address appears in your web browser. The user then has the gold. They can just copy this address and paste it anywhere. So we still have the problem... Any non paying member can then obtain the URL address of the file on the FTP, paste it into their browser and they get to the file. They circumnavigate download monitor.

Its like this: no one can get a hamburger at MacDonalds unless they pay the cashier. So, one person pays the cashier, the cashier goes and gets a hamburger in yellow wrapper. The customer takes out the hamburger, then passes the wrapper on to another person. This 2nd person takes the wrapper not to the cashier but to the manager (higher up) and asks for a burger. And the manager gives him a hamburger because he has the yellow wrapper.

or something like that! haha!

Have also been looking at Digital Access Pass. It looks like it protects the files at the source, but it doesn't operate as a WP plugin so I would much rather go with Wishlist if I can.

David-JP

I think what you are asking about is hotlinking- that is people passing around the direct URL of your content. Wishlist doesnt protect this yet, and I dont know of any plugin that can handle this for multiple levels.

You can however put the content on amazon S3 and then use a plugin that will allow you to only give access to the content when viewing or clicked from your site. The plugin you can use is s3flowshield (aff link)


David

cfperez

I just joined Warrior Forums today so I may not post links. Nevertheless, I had just completed their video tutorial #39, "Content Protection Overview." (see customers dot wishlistproducts.com/39-content-protection-overview/ )

The item you want is from the dashboard: Membership Levels > Membership Content... where files are definitely protected. Hope this helps.

cf

David-JP

FYI: You are replying to an old thread- wishlist has since added hotlink protection. (uses an htaccess file in the protected folders)

David