If you sell a downloadable digital product such as an ebook or software, you already know about the risk of having your products stolen from your own download pages.

I read somewhere that it’s been estimated that more than 50% of all ebooks and software in use are copies that have been stolen, and most of those were stolen right from the merchant’s download page.

It makes me really angry to think of all the hard work that we put into product creation — only to have it stolen by some jerk without scruples.

Not only is it frustrating, but the loss can become very costly.

For example, even if only one book is stolen each day that would otherwise have been purchased for $47, that’s $17,155 per year that you don’t get to play with.

So… when I finally clued into the fact that my book was being downloaded for free by thieves, I got smart and got a download protector.

I use a product called DLGuard to protect my Super Affiliate Handbook and other digital information and software products from being downloaded for free by thieves (who unfortunately ABOUND on the ‘net), and have been absolutely thrilled with both it and the service that Sam Stephens provides.

On the DLGuard site, Harvey Segal comments, “The last time I tried to implement a download management solution I gave up after page 42 of a huge complex manual. With DLGuard it was ridiculously easy to install and then to run. Add to that Sam’s superb customer support and constant innovation and it’s an easy decision to purchase.”

What can I say but “ditto, ditto, and ditto”… and that was WITH technical support!

Sam’s system is easy to install, and better yet, if you have script installation phobias like I do, Sam is always right there to lend a helping hand… barring a bit of a time lag seeing that he’s on the other side of the planet.

Here is a screenshot from one of my DLGuard installations that shows the Adminstration Panel.

Product features include:

• Secure single product sales
• Built-in shopping cart
• Create Membership sites
• Expiring download links
• Limit download attempts
• Offer promotional coupons
• Calculates sales conversion rates automatically
• Template based for easy customisation
• Automatic mailing list sign-up
• Integrated with the major payment systems

DLGuard is also fully integrated with the following payment systems:

• Paypal
• Clickbank
• 2CO
• WorldPay
• Authorize.net
• AlertPay
• PayDotCom
• eBay
• e-Gold

This is truly one great script and a MUST-HAVE for anyone who sells digital information products and software online.

Check out the DLGuard site right now and start protecting your products from thieves today.

One of my servers was recently hacked — and although I don’t want to alarm you, you should know that your sites could be subject to attack at any time.

To help you protect your sites and your data, in this article I share what happened to my sites and why.

More importantly, I’ll tell you what I learned about defending my server, sites and computer against hackers.

What do hackers want?

Although some hackers get their thrills from breaking into and vandalising your property, most hackers are thieves. They may be identity thieves looking for credit card information, or they may want access to copyrighted works or sensitive intellectual property either for their own use or for the purpose of resale. Still other hackers are hijackers, who want to use your computer or server to send out spam email in phishing schemes.

Lucky me, I got a multi-purpose hacker(s) who demonstrated talent in 2 of the 3 categories above.

When Steve of DataWebPro discovered the problem, 250,000 of the spammer’s emails were ready to be delivered from my server — and we have no idea how many were sent.

While the hackers were having their jollies, the sites on that server slowed to a crawl and crashed a few times.

It’s nearly a month after the attack and we are still discovering that email sent to our customers with product download information, or to which they’ve subscribed in order to receive update notices from the forum, is being rejected by certain ISP’s, i.e. black-listed.

A bigger problem that was discovered during the episode was that one of our customer databases had been corrupted. Worse, it had been down and out for so long that the server backups couldn’t be used to rectify the problem.

Although both the blacklistings and database problems are resolvable issues, they have been a HUGE hassle and neither the incantation that Steve offered, nor the prayer sent by Andrew have been of much help.

So far, rebuilding the database has involved hour after hour of mind-numbing multi-platform data mining and entry which promises to continue for at least another 2 weeks.

How do hackers gain access to your account?

You’ve probably heard of worms, viruses and Trojan horse programs that can seriously damage or make your computer vulnerable to remotely controlled exploits.

Hackers like to look for ‘security holes’ through which they can gain entry without much trouble. These holes frequently exist in the programs and plugins that we install on our sites.

Hackers also use programs that are designed to figure out the passwords to your accounts. Typically known as brute force password attacks, these programs run through letter and number combinations until it gets a match and gains access to your account. When your server is being bombarded by one of these attacks, the sites may become interminably slow.

Perhaps the ugliest type of hack is the one to whom you gave your password willingly because he or she is doing some programming work on your site.

How to foil a hacker

At very least, we should protect our computers and data with routers, firewalls, anti-virus software and external hard-drives.

Remember, it is not enough to install these programs and hardware, we actually have to use them. For example, set up your anti-virus software to download updates automatically. Likewise, program your external hard-drive to automatically back-up your data on a regular basis.

If you are on a managed server, such as a BlueHost hosting account, login into your cPanel and Fantastico interfaces regularly and update your installed programs as the upgrades become available.

If you want to install programs and plugins that don’t come with Fantastico, research them for known ‘security holes‘. Better yet, ask the technical people at your ISP if they have information about the program. Because they are just as keen as you are to stop hackers, in many cases, they will research the software for you.

Too, don’t leave unused WordPress themes on your server, and un-install unused plugins.

Stay alert for unusual activity on your accounts. If you have trouble logging into any of your accounts and you sure the username and password is correct – alert your ISP right away and send the account name with logins.

If you are running a membership software such as Amember, you can prevent bruteforce attacks by setting an incorrect login attempts limit. That allows a user to make a mistake in entering their username or password only a set number of time times, i.e. 3 or 4. If the user exceeds these attempts the system will either lock them out of the system or prevent any future attempted logins.

If you need a programmer to tweak a particular piece of software, go first to the developer and find out whether they will either do the work or if they know programmers who are experts with that software. Otherwise, ask your friends if they can recommend a programmer whom they trust.

When you hire a programmer for a small tweaking job, set them up with their own password which you then cancel as soon as the work is finished.

Do NOT use duplicate passwords, i.e. use different passwords for your affiliate accounts and server access. For your best defense against bruteforce password attacks, be sure your passwords are comprised of numbers as well as uppercase and lowercase letters and change your passwords regularly.

Last but not least, backup your sites’ data! Although they probably do, it is not enough to count on your ISP to back up your site regularly. You can generate your own full site backups manually from cPanel.

A alternative that may be preferable however, is to install software that does automated backups and has a quick and easy restore process such as Affiliate Backup. At the time of the hacker attack, I had Affiliate Backup set up on only one site — now it is set up to run on all of my sites. And yes, I AM kicking myself for wasted a pile of cash on weeks worth of data entry, when I could have had another instance of the program installed for $57. DUH!!!

Although there is no way to completely eliminate hacker attacks, there is plenty you can do to prevent them from gaining access to your site. DO make the time and effort to protect yourself, because doing so after the fact takes 100 times more time and effort.