[web] Creating secure download links that can't be typed in the address bar?

Started by
9 comments, last by KGodwin 17 years, 6 months ago
I have a program that people can download after they purchase it through paypal. However, I was wondering how to create a link that they can download the program from, but that can't be typed in the address bar.
------------------------------------------------------------------------------------------------------
The great logician Bertrand Russell once claimed that he could prove anything if given that 1+1=1. So one day, some fool asked him, "Ok. Prove that you're the Pope." He thought for a while and proclaimed, "I am one. The Pope is one. Therefore, the Pope and I are one."
An idea, assuming that you don't want just anyone to be able to download it:

Email them some sort of key code and also email a link to a page that accepts that id as a parameter on the url. The id you give them can be put in a table that holds those ids of all the users permitted to download it. Once the file has been downloaded, you can remove the id from the table so that it cannot be downloaded again.

How you handle requests for re-downloads is up to you.

Hope that gives you some ideas!

Dave
I don't think that what you're asking for is necessarily what you want.

What you want is to add an id to each purchase, so you can then "authenticate" them, and only allow the link to work a set number of times.

For example, they get a link to www.yoursite.com/download.php?code=123456789

If you make the code a random number, that is large enough, you can stop people from simply guessing the code.

You can also use some server-side authentication. For example, checking that the referer came from the right page, that they have the right cookie, and that the ip address is similar each time. (check the host, and get rid of the first part of the host, usually does it).

Basically, you have your ip address, say 192.168.159.15

That then can be mapped into a host name, say host-random-stuff-here-really.midco.net

This then says that you have midco.net as your ISP, and isn't really identifying otherwise. You can, however, authenticate that others are not him, if they do not share at least midco.net in their host.

Similarly, if your host is c-random-random-random-random.hsd1.wa.comcast.net
it means that you're in Washington, using comcast.net.

It is very rare that you should move states, and it would then allow you to make sure that people simply don't post the link somewhere for others to download. (because you say allow 5 downloads, and they only need one).

You would, however, allow them to reauth themselves, using some sort of personal information (for example, address or so), which would then allow people to, say, change state or ISP and then auth themselves and allow them to download their software again. (This is safe because nobody is going to post their own personal information on the internet.)

Yeah, it's a bit long-winded, but it's simple enough to implement. I actually use this form of authentication on my bots. :) (Well, the host-based id, rather than, say, referrers, etc. There isn't much use for one in an IRC bot. :))
Click here to patch the mozilla IDN exploit, or click Here then type in Network.enableidn and set its value to false. Restart the browser for the patches to work.
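The host-name check described in the post above, written out as an added example (this is not the poster's bot code). It assumes the reverse-DNS name was recorded at purchase or first download and is compared on later requests; `reverse_host`, `isp_part` and `check_host_binding` are names chosen here, and the host names in the test are the constructed ones from the post. As the post itself says, the suffix only identifies an ISP region, so a mismatch or a missing PTR record is treated as "ask the buyer to re-authenticate", not as proof of sharing.

```python
import ipaddress
import socket


def reverse_host(ip):
    """Reverse-DNS (PTR) lookup for a client address; None when there is no record.
    Not used by the checks below so they run offline."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except OSError:  # socket.herror and socket.gaierror are OSError subclasses
        return None


def isp_part(host):
    """Drop the first (per-customer) label, as the post describes:
    'c-xxx.hsd1.wa.comcast.net' -> 'hsd1.wa.comcast.net'.
    Returns None for a missing name, a bare label, or an address that never
    resolved to a name; None must never be treated as a match."""
    if not host or "." not in host:
        return None
    try:
        ipaddress.ip_address(host)
        return None  # a literal IP is not a host name
    except ValueError:
        pass
    return host.split(".", 1)[1].lower()


def check_host_binding(bound_host, current_host):
    """Compare the host recorded at purchase with the one making this request.
    Returns (allowed, reason). A changed ISP, or no usable name at all, does
    not deny the buyer; it asks for re-authentication with personal details."""
    bound, current = isp_part(bound_host), isp_part(current_host)
    if bound is None or current is None:
        return False, "no usable host name; ask for re-authentication"
    if bound == current:
        return True, "same ISP network"
    return False, f"host moved from {bound} to {current}; ask for re-authentication"
```

`reverse_host` needs network access and a PTR record for the client address; many residential addresses have none, which is why `isp_part(None)` is handled explicitly rather than assumed away.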
You can also put some kind of secret data in a cookie. The cookie will be sent by the browser when sent from the given machine, but not from other machines.

However, cookies do expire, and different browsers don't share cookie databases, and some scared people turn off cookies (although it doesn't give you an ounce of better privacy).

Last, the cookie CAN be copied to another machine, if you know what to look for.
enum Bool { True, False, FileNotFound };
^^ And therefore cookies can be unreliable for such important things.

You can maybe assign a unique transaction ID (randomly generated... and long) for every transaction when your client pays you. Then, associate the file with that ID via your database system and set it to expire after a given amount of time (say 24 hrs). Unless your client shares his ID publicly (which would be as bad as him buying it and then sharing it, which you can't help anyway), you should block downloads to everyone else. If you have a large number of clients buying programs every day then maintain a list of successful transaction ids per item, and keep removing those ids after they expire and/or the product is downloaded.

If you have a secure user login script on your website, then it's even better because you can just associate items with user ids, and let whoever logs in to that ID access the file after the payment is complete. Unless your client has a very poor password that gets cracked (which again is as bad as him buying it and sharing the file, which you can't help anyway), you should be safe.
--------------------------------------Amaze your friends! Astound your family! Kennify your text!
The best way is to use HTTP authentication and give them a username/password that lets them download it.

Another possibility is to copy (or symlink) the files into a directory with a randomly chosen name, and delete it after a specified period of time (but of course this gives you a problem if they need to download it again later).

In any case, don't try too hard, as they can still put copies on P2P or send them to their friends whatever you do.

Mark
Better offer your program as a simple download and do the protection in the app instead of in the website. E.g. some serial/key scheme in your program. Much better.

--------------------------------------
Sander Marechal [Lone Wolves][Hearts for GNOME][E-mail][Forum FAQ]

I would have to agree with Sander on this one. That seems to be the most reliable way to block pirating. So give that a try.
-----------------------------------------------------
http://divineknightgaming.com
Quote: Original post by Sander
Better offer your program as a simple download and do the protection in the app instead of in the website. E.g. some serial/key scheme in your program. Much better.


I'm going to have to disagree. I've found the most indie of indie, the smallest of small games cracked and ready to use without any kind of registration. It's sad, yes, but must be taken into consideration.

I would use a combination of both if possible, and keep logs of every download attempt, with the corresponding IP and time.
when you do something right, people won't be sure you've done anything at all.
Quote: Original post by oscinis
Quote: Original post by Sander
Better offer your program as a simple download and do the protection in the app instead of in the website. E.g. some serial/key scheme in your program. Much better.


I'm going to have to disagree. I've found the most indie of indie, the smallest of small games cracked and ready to use without any kind of registration. It's sad, yes, but must be taken into consideration.

I would use a combination of both if possible, and keep logs of every download attempt, with the corresponding IP and time.


On the other hand, having no protection at all except at the download level means that instead of getting it & cracking & distributing it, a warez group only has to get it & distribute it (it also removes potential early purchasers who'd buy it if they couldn't warez it, since you don't even get a buffer time of a few days to sell while your program hasn't yet been cracked).

Sure, both options are pretty poor, but it's about taking the lesser evil. My suggestion would be that you do both & at the same time make it non-intrusive (I think generating a random link & having it stay valid until one download has been successfully completed +30 min (in case the guys screw up or something) is good enough, & having the app protected with a unique (bound to the buyer) key is good too; send it by mail as well as a support link to request support should the user need to re-download).
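The link scheme that several replies in this thread converge on (a key code tied to a table of permitted ids, a long random code in `download.php?code=...`, a 24-hour expiry, removal after download, a 30-minute grace window after one successful download, and a log of every attempt with IP and time), as one added example; this is not code from any of the posters. The class and method names (`DownloadLinks`, `issue`, `check`, `mark_completed`, `purge`), the `FakeClock` test helper and the in-memory dictionary standing in for the database table are assumptions made here. One defender's detail not in the thread: only a hash of the code is stored, so a leaked table does not yield working links.

```python
import hashlib
import secrets
from datetime import datetime, timedelta, timezone

BASE_URL = "http://www.yoursite.com/download.php"  # link shape used in the thread
LINK_TTL = timedelta(hours=24)                     # an unused link dies after 24 h
POST_DOWNLOAD_GRACE = timedelta(minutes=30)        # still valid 30 min after one completed download


def _digest(token):
    # Only a hash of the code is stored: a leaked table yields no working links.
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


class FakeClock:
    """Constructed test clock so expiry can be exercised without waiting."""

    def __init__(self):
        self.now = datetime(2008, 1, 1, tzinfo=timezone.utc)

    def __call__(self):
        return self.now

    def advance(self, **kwargs):
        self.now += timedelta(**kwargs)


class DownloadLinks:
    def __init__(self, clock=None):
        self._rows = {}      # token digest -> record (in-memory stand-in for the DB table)
        self.attempts = []   # (time, client_ip, digest prefix, result): the per-attempt log
        self._clock = clock or (lambda: datetime.now(timezone.utc))

    def issue(self, purchase_id, item):
        """Mint the per-purchase code: 32 random bytes (256 bits) cannot be guessed."""
        token = secrets.token_urlsafe(32)
        now = self._clock()
        self._rows[_digest(token)] = {
            "purchase_id": purchase_id,
            "item": item,
            "expires_at": now + LINK_TTL,
            "completed_at": None,
        }
        return token

    @staticmethod
    def link_for(token):
        """The URL that goes into the buyer's e-mail."""
        return f"{BASE_URL}?code={token}"

    @staticmethod
    def _state(row, now):
        # After a completed download only the grace window matters; before it, the TTL.
        if row["completed_at"] is not None:
            return "ok" if now <= row["completed_at"] + POST_DOWNLOAD_GRACE else "used"
        return "ok" if now <= row["expires_at"] else "expired"

    def check(self, token, client_ip):
        """Decide whether this request may fetch the file; every attempt is logged."""
        now = self._clock()
        key = _digest(token)
        row = self._rows.get(key)
        result = "unknown" if row is None else self._state(row, now)
        self.attempts.append((now, client_ip, key[:8], result))
        return result == "ok", result

    def mark_completed(self, token):
        """Call once the transfer finished; this starts the 30-minute grace window."""
        row = self._rows.get(_digest(token))
        if row is not None and row["completed_at"] is None:
            row["completed_at"] = self._clock()

    def purge(self):
        """Drop expired and used rows so the table only holds live permissions."""
        now = self._clock()
        dead = [k for k, r in self._rows.items() if self._state(r, now) != "ok"]
        for k in dead:
            del self._rows[k]
        return len(dead)
```

A request handler would call `check(code, remote_ip)` before streaming the file and `mark_completed(code)` after the last byte is sent; re-download requests that arrive after the grace window get a fresh `issue` through the support link rather than a revived old code.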

