Various Articles

Even if your web site does not hold any national security document you should take the security of your web site seriously. This is especially important if you are selling products on your web site.

There is evidence, as shown in many published reports, of in excess of 89 million data breaches of identity records. These occurred in the year 2007 alone. Go to the Identity Theft Resource Center and do some reading. The facts will throw fear into your heart. Businesses can now use companies that are specialists in handling financial information, and leave all the worries to them. A sales webpage will use links on sales pages for ordering which redirect straight to PayPal, 2CheckOut, or other payment services. When using this method, credit card numbers and all personal information from the customer is no longer dealt with or exposed.

But you are not quite out of the woods yet. As a vendor of a digital "soft product" that can be bought and downloaded straight away, you have to guard against digital shoplifting. There's lots of ways that people in your position leave their website goods on display, unattended - leaving people to make off with them without paying, if they know how.

The three most common mistakes are:

1. Easily guessable filenames.

If you have named your electronic book 'AdWords Secrets', do not include either 'Adwords' or 'Secrets' in the name. The location www.example.com/AdWordsSecrets.pdf is the first thing a user might try to access your work.

At least add a version number or a date into the filename, e.g. AdWordsSecrets_v42.pdf or AdWordsSecrets_20070707.pdf. This will make it much more difficult to guess the filename and the URL.

2. Search engines indexing the download page or the product itself.

With an increase in efficiency of today's search engines it has become quite difficult to keep any website a secret from search engines. Even without public links accessing your product download page there are other ways for a search engine to discover it and index it. After it has been indexed anyone using that search engine will find your product download page information in their search results, making them able to download your product without charge.

It is important to frequently survey what information the search engines have on your site. Most of the larger purveyors have an operator command, e.g. site: example.com, which will detail everything about that location that a web spider has crawled over and stored.

3.Txt robots constructed poorly.

robots.txt is a text file that you can place on your web server to guide search engines to what content they are allowed to index and what is off limits. While this may prevent most search engines from indexing your secret web pages, it opens up another vulnerability: any curious web surfer is able to view your robots.txt file. If the file explicitly forbids search engines from looking in the /downloads or /report directories, then it's very likely that's where the secret files are stored. With this knowledge the web surfer can more easily find your product and download it for free.

It is important to maintain the proper balance between protection of your files and directories in robots.txt and not allowing too much information about the structure of your site out.

Selling digital products online is a great business. Make sure that you get paid for the products that you have painstakingly created by following the guidelines above and applying common sense.