SUBSCRIBE NOW AND WIN PRIZES, USEFUL TIPS AND MUCH MORE
 

Risks of selling E-Products Online - Guest post by Dennisquek

Posted by dennisquek
November 2, 2008

Welcome! If you're new here, you may want to subscribe to my Full RSS feed. You can also subscribe via Email and have posts delivered to your inbox. You also increase your chances to win prizes!

Hi, let me first introduce myself. I am Eddie’s classmate and we study together. In my daytime, I work as a a Network Security Engineer, that specialises in security stuff. From your windows OS, Linux, networks, research, and a recently acquired skill - web application security.

My job goes through daily tasks of penetrating systems by hacking them, the smart and hard way, to harden a system and make sure nasty stuff doesn’t occur. In short, I am a pen tester. But my other side of life includes IM, short for internet marketing.

Problem
Recently I have been trying to market a new product, put them online, and sell them through Clickbank. I found it very insecure to sell E-Products online, with a sales page in general. Why are they insecure ?

1. You setup a sales page, with a thank you page / download page.
2. You put your E-product online, somewhere in a directory.
3. You use whatever method you could (Joomla Plugin / Clickbank), to automate the payment process
4. Buyer gets redirected to a download page / logged in to download your E-Product.
5. In actual fact, your E-product is sitting somewhere for everyone to download.

How it is done
No matter how random or wierd you rename your E-Product, it is still susceptible to web app scanning. In short, a scan of all files and subdirectories will reveal all files within your domain name.

There are ways to do this, but I don’t think IM guys are aware of this. Being said that, all Clickbank publishers actually have their products exposed, because upon payment, you are redirected to a download page. In fact, if you “guessed” the thankyou.html page properly, you can easily gain access to the E-product. Once again I am using a web app scanning tool instead of “guessing”.

I am still in the midst of testing a solution to solve this problem, so as to protect valuable assets. If you have a solution for this, I would love to have you share with me and diggitlive.com.
My personal blog is at www.dennisquek.com,hope to hear your views soon!




Related Posts:

  • Targeting eMiniMalls and TTZ Media To Make Money from internal search traffic
  • TNX Network Review
  • Web conference, the FOSS way
  • No Google Adsense Referrals for most International Publishers!
  • Adsense for Video goes into BETA testing

    • Analysis, Blogging, Designing, Make Money Online, Monetize, Uncategorized

    If you enjoyed this post, please consider to leave a comment or subscribe to the feed and get future articles delivered to your feed reader.

    Bookmark and Share

    3 Comments »

    Comment by Gin Vegas
    2008-11-06 00:11:16

    Useful articles for e-commercer like me :)

    Reply to this comment
     
    Comment by evden eve nakliyat izmir
    2008-11-18 03:20:14

    thanks..

    Reply to this comment
     
    Comment by büro mobilyalar?
    2008-11-29 02:20:37

    thanks..

    Reply to this comment
     
    Name (required)
    E-mail (required - never shown publicly)
    URI
    Your Comment (smaller size | larger size)
    You may use <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong> in your comment.