- This topic has 17 replies, 3 voices, and was last updated 13 years, 4 months ago by
.
-
Posts
-
I would like to use the pay per view feature and have tested it out as well as read the tutorials, forum posts that I could find and here are my questions:
1 – When I create the pay per view page in wordpress were the video will be shown – How can I hide it from public and search engines (so that it can only be visited via the pay per view temp link?
2 – How can I hide the real page link from displaying via a simple view source in a browser?
3- Would using Amazon S3 help in any way?
Thank you!
Vitaly
3 –
Are you specifically referring to the PPV download option, or are you using PPV as a generic term for only allowing specific people access? The Amazon S3 option is the most secure, but only works for downloads, not PPV streaming.
If you use the encrypted download links feature of eStore, the source directory of the downloaded file will be protected.
Any file that a legitimate user can access can be inadvertently “crawled” by a search engine. You can use a robots.txt file to tell search engines what they can or cannot crawl through, but it is “optional” for them to abide by it. Amazon S3 files however, are immune.
Yes, I am specifically referring to the feature of estore, called pay per view – were you specify the URL that estore will email to purchasers.
I also own your ultimate lightbox plugin and was planning on using that plugin to create s3 secure text links on the pay per view page, when clicked would play a certain video. Is there a way to make this feature more secure? I am open to paying for the wp estore plugin customization to develop this payperview feature some more. perhaps there’s a way to also have the html page in s3 and estore would mask the url? I’m just thinking out loud here, I’m sure you guys know what to do
Vitaly
The links that are emailed to purchasers are encrypted. They won’t ever know the “real” location of the file.
However…
If the file is stored on your server, there is no bulletproof way of preventing a search engine from “accidentally” indexing it. The best you can do is to give your files random names and use the robots.txt file.
If you are going to email the links to buyers, so that they can download the files, then you can use Amazon S3 to store the files and they will be more secure, than if you kept them on your server.
Right, as I said I will use the tips and tricks Ultimate light box plugin to securely show the videos from Amazon S3 on the pay per view page.
My questions were:
1 – can I create and keep the html page in Amazon S3 to make it offsite, would the payperview still mask that link? If not, can we customize it so it does?
2 – Can the pay per view plugin be redesigned to work in a more secure way, perhaps as in question 1 or some other way? If so, I’d be happy to pay for this extra customization feature. Please let me know the cost.
Thank you!
Vitaly
1. Maybe. Amazon does allow you to host static pages on S3…
http://aws.typepad.com/aws/2011/02/host-your-static-website-on-amazon-s3.html
The product ID could point to a static page (instead of a file) on S3, and the user could be transferred there, via an expiring URL. I’m not sure if the download manager code will do this without a slight modification or not. Maybe you could try a test, and we can make any tweaks if they are required.
2. We’ll have to wait a few hours for Amin to get in, so he can answer your lightbox plugin question.
Did we get any closer to what you were looking for?
Thank you for your reply ( I don’t know your name sorry).
We’re a little closer, yes.
1 – Ok, I made a test page and saved it as a pay per view product content. Placed an order for it and clicked the secure temp link. When I view source I can see the original link! So this is not secure at all.
2 – If I create an html page and save in amazon s3 – that could work but then all the video links on the page won’t work because Ultimate lightbox won’t work from S3.
Yes, please ask Amin if some kind of customization can make this work right.
All I really need is this:
A – Prevent the payperview webpage real link from being discovered by view source or search engine crawler (I don’t mind setting something up in amazon S3 if needed as long as “B” still works
B – Still be able to use the awesome Ultimate Lightbox plugin to display the secure S3 video content on the pay per view page.
C – (only an extra, not a big deal if I can’t have it) – be able to specify how long pay per view links remain active, separately from the rest of the product links
Thank you!
Vitaly
You can use the Ultimate Lightbox plugin to display the secure S3 video content on the pay per view page. We have added a feature in the lightbox ultimate plugin for this:
When you are in the above page go to the “Plugin Usage” section and look at the Amazon s3 Private/Protected Video Embedding Documentation.
If you have an older version of the lightbox ultimate plugin then you can get a new build from here:
Hello Amin,
I do have the latest build, this is why i have brought it into this discussion from the start. Please read my above posted it should fully explain what the issue is and what is needed/requested. Thank you!
Vitaly
Hmmm, I just noticed something missing from the discussion…
Are you using any kind of subscription or membership plugin to protect the page that calls up the videos? For instance, are you using eStore to sell access to a PPV page that is protected by eMember? If that is the case, it doesn’t matter if Google indexes that page because login credentials are needed to look at it. Then, you would have the actual videos themselves living on S3, which would be called up by Ultimate Lightbox, as described by Amin.
Hi,
Thank you for your reply. I would like to just use the pay per view feature of the estore plugin. I don’t want to install and use emember. It’s not the money, it’s just more unessesary code, database entries, (more overhead).
Please, could you guys just read my message, think about it and answer me? As I said, If there is a need to work on that feature some more to harden it – I don’t mind paying for the development, I would just like it to work right, that’s all. Please? Perhaps the pay per view feature, to make it secure can along with the link send temporary login credentials to that page? That should do the trick for security right?
I thank you in advance for taking a look into this in a bit more thorough manner.
Sincerely,
Vitaly
I have a “less than half baked” idea, but it would be up to Amin to approve it as a possible eStore feature (someone has to be in charge). And please be aware that, as a custom job, it may cost more to implement than simply using eMember…
The idea is to modify the download manager, so that it knows the product URL is a page, not a file. Before redirecting to the page, a cookie that matches the encryption key is given to the user. Meanwhile on the redirected page, a short code could be used to only display content if a valid cookie is present.
I’ll need a few days more to mull out the details. Please let me know if you see any problems with this idea. And like I said, as a custom job, it may be less expensive to just use eMember.
Thank you! Cost is not the issue here
I understand custom, is custom and don’t mind paying for it.That sounds like it could work. Here are a few more suggestions:
If the page is visited without a proper cookie/expired link, it should instead tell the visitor something like: “You don’t have access to view this page or pay per view period expired” or something similar.
Please also see about adding the ability to specify how long the link is valid separately from the normal downloads.
Have the ability to generate new links in the admin functions area, just like with the normal downloadable products.
Thank you very much! We are definitely getting somewhere!
Vitaly
Okay, glad to see that you like the concept. I’ll need a few more days to wrap my head around how this can be coded. Please visit my contact form and leave me your contact information so that we can take this discussion offline…
http:theassurer.com/contact
- You must be logged in to reply to this topic.