Forum Replies Created
-
Posts
-
PayPal does not provide secure image hosting. You either have to use SSL or a recommended “secure image hosting provider.”
https://cms.paypal.com/us/cgi-bin/?cmd=_render-content&content_ID=developer/solutions_imagehosting
My personal opinion is that it helps your business more to host the images on your own site than on [https://cheap-image-storage.com]
Besides, the monthly cost of these services is more than the yearly cost of an SSL certificate.
SSL is implemented through the use of SSL certificates. You pay for the certificate, regardless of whether or not you use it for all parts of the site or not.
When SSL is being used, all communications between the site and the user (or PayPal) are encrypted. In today’s computing environment, the overhead of doing full time encryption is minimal. Gmail is an example of full time SSL.
The only reasons I can see for not using full time SSL are:
1. You are using an el cheapo (free) hosting service that simply doesn’t have the capacity to support full time SSL.
2. You are running a mobile website. Most non smartphones (WAP enabled) have trouble doing SSL.
3. You are in a country that requires you to obtain a government license to use SSL.
You can also save on the cost of an SSL certificate by using what is called a “self signed” certificate. However, it is analogous to the business that makes up and posts its own “trust us” stickers. That, and the fact that most browsers issue warning messages when they detect self signed certificates.
This is one of those threads that I never receive update notifications on… 8(
Give me a few days and I’ll put together a SandBox narrative.
You don’t “really” need it, BUT it is “good for business” to have it. The PayPal recommendation is to protect against impersonation by sites other than yours. Customers are then “assured” that they are dealing with your site.
If you are not a large company dealing with large amounts of money, it is more of an image than a security item. But you should have SSL if you can afford it.
Okay, here is the definitive answer… at least for Apache users.
Both the “#1 Default” and “#7 cURL” download methods will work for any size file, with cURL being preferred because it uses less PHP execution time per megabyte. However, many may have noticed that after about 5 minutes or so the download is mysteriously terminated. Running a Unix style “strings” command on the terminated download usually reveals a “200 OK” or “500 Internal” error message.
The answer on Apache servers can be found in the httpd.conf file…
# Timeout: The number of seconds before receives and sends time out.
Timeout 300
Even though eStore overrides the PHP script execution timer, if any download takes more than the configured number of seconds; Apache will terminate the download script.
I suspect the same thing applies to IIS and other servers as well.
Now I can rest in peace, knowing what was happening!
P.S. It is unclear if the timeout is in “real” or “processor” seconds. Use of a dedicated server may give different results than shared or grid hosting.
Yes. If you trust that your customers will not pass the links around.
I recommend you use the following eStore feature to handle the selling of your streaming videos.
http://www.tipsandtricks-hq.com/ecommerce/using-wordpress-permalinks-as-digital-products-apr-1217
Well, after going through several hundred Google results, the best reason for why downloads are being terminated has something to do with the ModSecurity module in Apache.
Well, for those who want to know why downloads terminate in mid transfer, I was able to “catch” this at the end of an 80 MB test file that aborted at the 50 MB mark…
<html><head>
<title>200 OK</title>
</head><body>
OK
<p>The server encountered an internal error or
misconfiguration and was unable to complete
your request.</p>
<p>More information about this error may be available
in the server error log.</p>
<address>Apache Server at yoursite.com Port 443</address>
</body></html>
@jesssse @timprebble @scottonstott @ToneManufacture @sayWhat and anyone else who has large test files…
Disclaimer: No promises, but we’d like you to tryout a change we made last night to one of the download methods.
1. Download version 4.6.3 of eStore:
https://support.tipsandtricks-hq.com/automatic-update-request
2. Install the update:
http://www.tipsandtricks-hq.com/ecommerce/wordpress-estore-installation-and-usage-guide-31
3. If you are using the plugin’s downloads folder to store you files, remember to delete the ,htaccess file after the update (because it gets replaced).
4. WP eStore -> Settings -> Addon Settings -> Download Manager Related
a. Automatic URL Conversion Preference -> Do Not Convert
b. Download Method -> Method 7, cURL
Note: If you don’t see Method 7 it means the cURL library is not installed on your server. Also, please write down your current settings in case you decide to go back to what you previously were using.
5. Update/Save the new settings.
6. Please try it out and report back. Tell us the size of the file(s) used and the results.
When creating individual products, you would enter the fully qualified (HTTP) URL that corresponds to that particular product, into the “Digital Product URL” field. When you save the information, eStore assigns a “Product ID” number to the product.
When creating “bundled products,” you would enter the coma separated, “Product ID” numbers of each product component into that same field. So if you are selling 6 individual tracks, whose assigned Product ID are 1,2,3,4,5,6 as a bundled “album,” whose product ID would be 7; you would enter 1, 2, 3, 4, 5, 6 into the Digital Product URL field.
Alternatively, if you are not selling individual tracks, but still have the album broken into track files; you can replace the 1-6 with the (coma separated) actual (fully qualified) URL of the track files.
Divide the album into individual track files. Offer each track file as an individual product, or offer an album “bundle” of all the individual track files. So if an album contains 6 tracks, you might have 7 products; 6 individual products of 1 track file each and 1 album “bundle” of all 6 track files.
The reason for breaking the album into individual track files is that it is easier for a customer to download smaller files than having to sit through 1 large download; hoping that nothing “goes wrong” with the download.
Oh yeah, you mentioned you also have the PDF Stamper as well. Try to verify that eStore works with unstamped files first, before trying to get it working with stamped files.
Using the latest version may correct the problems you are having.
The .htaccess file that is mentioned is in the downloads folder of the plugin. The “.” at the beginning of the file name makes it invisible. Akso there is an empty index.html file in that folder used to prevent people from casually browsing for download files. Using an FTP client will allow you to see the real contents of the folder.
The plugin must be manually updated according to these instructions…
http://www.tipsandtricks-hq.com/ecommerce/wordpress-estore-installation-and-usage-guide-31
Upgrading an existing eStore installation does not require license reactivation.
Umm, did I cover everything?
