One of the biggest problems faced by ClickBank merchants is the risk of content theft - people downloading their digital products without paying for them.
To gain illicit access to downloadable product files, determined content thieves exploit a range of security weaknesses, each of which can be eliminated if the correct protective measures are applied. Here, we will look at just one area of vulnerability and a simple precaution that any ClickBank merchant can use to protect against it.
Most ClickBank merchants understand that there should never be links to downloadable product files and thank-you pages from the other pages on their website. The only way to access a product file should be via its thank-you page, which likewise should be accessible only via the ClickBank payment process. Observance of these simple guidelines will ensure that there is no way to navigate directly to your downloadable content.
This approach also ensures that the thank-you page will not be indexed by search engine spiders, which is essential, as nothing could be more harmful to product security than a thank-you page with a #1 Google ranking!
However, we should not overlook the risk that your thank-you page and product file URLs may be distributed in underground newsgroups and forums. While this may not necessarily lead to an immediate avalanche of illicit downloads, the risk exists that the forum posting will eventually be indexed by a search engine and that this will provide an indirect route by which the thank-you page itself becomes indexed.
Astonishingly, the solution proposed by some so-called web security experts is to list your thank-you pages in your web server's robots.txt file - a configuration file that informs search engines which pages should be excluded from indexing.
It's true that this approach usually prevents indexing of the thank-you pages. But it creates an even greater weakness - it provides any would-be hacker with easy access to the exact names and locations of all your supposedly hidden files.
It cannot be over-emphasized - never list your product files or delivery pages in your web server's robots.txt file! To explicitly stop a thank-you page being indexed by spiders, use the following Meta tag in theelement of each thank-you page:
<meta name="robots" content="noindex, nofollow" />
Although a search engine may discover your thank-you pages by some indirect route, it will silently ignore any page that contains the above Meta tag.
Of course, this is just one of several vulnerabilities that expose your downloadable products to the risks of theft. In chapter 21 of "ClickBank - The Definitive Guide", I examine the whole gamut of techniques that online thieves use to steal your merchandise and I describe several of the most effective ways in which this problem can be tackled.
Copyright © Tim Coulter. All rights reserved.
He is also the author of the ultimate ClickBank tutorial & reference manual
ClickBank - The Definitive Guide