Archive

Category Archives for "Amazon S3"
14

Storing and Protecting Video, Audio and Other File Formats

=> Click here to see a demo of the latest S3MediaVault video/audio player

Q1: What’s the difference between storing files on Amazon S3 (and serving it using the S3MediaVault.com plugin), compared to storing the files right on your own web site and having DAP serve them directly to your members?

A: If all files are stored right on your web site, and you have a large amount of video, audio and other files, then a lot of people viewing and downloading them from your site will use up a lot of resources on your server – like site loading time, server memory, server bandwidth, etc – and your site could slow down considerably. Plus, on top of that, there are also bandwidth charges that your host will charge you with for all of those downloads, which are usually not very cheap.

And don’t put too much faith in your web host’s “Unlimited Bandwidth” clause, because if you read the fine-print carefully, you’ll see that as per their TOS, if you consume large amounts of bandwidth and use too much of the server resources, this could cause other web sites (belonging to others) on the same server to slow down and have a degrade in performance, especially if you are on a shared hosting account. And they could consider this abuse of their TOS, and could either slap you with huge bandwidth or server utilization fees, or may even ask you to take your web site elsewhere because you’re causing issues for other site owners on the same server.

Instead, if the files are stored on Amazon S3, then you don’t have to worry about your site slowing down, or you using up too much bandwidth and getting slapped with huge bandwidth fees, because the files are being served from Amazon’s huge S3 servers which have tons more resources and speed compared to your web host.

Plus in the long run, bandwidth is cheaper on S3 compared to your web host.

 

Q2: Can DAP protect content stored on an external site, like Amazon S3?

A: Not directly, not by itself. By default, DAP can only protect files (and any other content) that is on the same web site where DAP is also installed. For large files, we do recommend that you store files on a fast, scalable file server like Amazon S3. Now, the page or post itself (in which you post that Amazon S3 link) can be protected by DAP, and no un-authorized user can even see the content of the page (or the link within that page).

However, once a user has authorized access to a page because they’re a member, now they can see the page where you have that Amazon S3 link.

It’s similar to posting a public YouTube video on a protected DAP page on your web site. Sure, DAP can protect the page from un-authorized users, but authorized users can actually see the page, and see that it’s a YouTube video, and clicking on that video will directly take them to a page on YouTube.com, which DAP has no control over, and cannot protect once they leave your web site.

Similarly, DAP cannot directly protect that external link to your file stored on Amazon S3. And that’s where our Amazon S3 plugin S3MediaVault.com (S3MV) comes into the picture.

S3MV can make sure that your files on Amazon S3 cannot be accessed directly by anyone, even if the link were shared with others via email or on a forum, and can ONLY be accessed through a page or post on your web site (web site where you have installed the S3MV WordPress plugin).

NOTE: The S3MV plugin is included for free with your purchase of any DAP license, starting with the Unlimited-site license and above.

 

Q3: Can S3MediaVault prevent members from downloading the protected videos or audios?

A: S3MediaVault is not a “true streaming” solution. Which means, it doesn’t stream videos in real time, but rather, plays the video by buffering the file as the viewer is watching the video. And that’s the right way to do it, if you care about your viewers.

This means your viewers will be able to rewind, even put the video on pause (especially for large videos), so that it keeps buffering in the background, and then come back and watch it later when it has fully “loaded” , so that they won’t experience any real-time buffering. This is very useful for viewers that don’t have fast internet connections.

What this also means, is that anyone who watches your video, can also use free, browser plugins (like DownloadHelper) that allow you to download a video that you’re watching in your browser. This is not a security breach. They are able to download it to their computer, only because they currently already have been given authorized access to the video/audio itself.

Please remember that anything that is accessible online – like audio, or video – can always be easily downloaded to the viewer’s desktop. There are many different ways in which you can download what you are viewing in your browser. The bottom-line is this: If a video or audio is able to be viewed in a browser, it can easily be downloaded – or “recorded” using screen-capture solutions like Camtasia, or audio capturing solutions like Audacity), and then saved – to the viewer’s computer.

S3MediaVault makes sure no one can directly access your files from your S3 account, and can only play or view it from your site (where the S3MediaVault plugin is installed).

Then combine that with the Page/Post protection of DigitalAccessPass (DAP),which can make sure only certain people (like paid members, or free but registered users) can access the post or page where the S3MediaVault embed code is published.

Combine DAP + S3MediaVault, and you would have now completely locked down your content from any and every kind of un-authorized and illegal access.

So once someone has paid for your content (or registered for it), and are authorized users who have a right to view or hear that content, it’s OK that they get to download what they’re eligible for, to their computer, for offline use (like during their morning walk, or on the treadmill, or in their car, or when standing in line at the theme park!)

We don’t believe it is a good idea for you to completely prevent even your legitimate, paying members from downloading your videos. After all, they’ve paid for it, and should be able to download it and watch it offline (like on their mobile device, ipad, iphone, etc).

In fact, the best membership sites that we’ve seen, and have helped set up, offer the content in multiple ways: Download the videos for playback later universally on all devices (mp4), download audio version of this video (mp3), download the transcript of the video (PDF), etc.

The more you make it easier for your members to consume your content, the more they will love being a member, and stay with you longer.

If you absolutely must have “streaming” videos that viewers cannot download at all (and also cannot easily buffer ahead and play at their own convenience), then we recommend Vimeo.com/pro.

22

Protecting Files

DAP File Protection

DAP is one of the few membership plugins that can protect all kinds of web site files on your web site. But this feature comes with a few caveats. Read this page completely before you decide.

DAP can protects files “in-place” – meaning, the exact same files that will actually be accessed by your members when they’re eligible to.

Most other membership plugins resort to all sorts of “gimmicks” – like hiding the real location of the main file, cloaking it, trying to obfuscate the link, etc.

Not only is it a inefficient way of securing files, but it’s also extremely insecure.

On top of that, with other membership plugins, you cannot send protected links via email, because that would then give away the location of the true file, which they are not protecting.

DAP is among the very, very few membership plugins that protect files in place, which means even if the true location of the file is passed around by your members to their non-member friends, the file cannot be accessed without having to log in first with a valid member account that is actually eligible to access that file.

DAP provides the ultimate security for your files – and ultimate peace of mind for you – like no other plugin can, knowing that your content can never be illegally shared online with un-authorized users.

And DAP can protect any kind of file – including videos, audio, images, reports, zip files, even Javascript files – with any kind of extension: like .pdf, .doc, .zip, .jpg. .js, .mp3, .mp4, .mov., etc etc.

RECOMMENDED: Amazon S3 File Storage

Highly Recommended

The ideal and best way to store files is to store them on Amazon S3, and then use a plugin like our own S3MediaVault.com to insert secure, expiring links to those files within your WordPress pages. That way, the page itself is protected by DAP, your files on Amazon S3 are protected by the S3MediaVault plugin, and you have two layers of protection for your content.

If you decide to store your files on Amazon S3, then ignore the rest of this article, and head over to Storing files on Amazon vs your Webhost

The steps below are only useful if you are going to use all of your files on your own web hosting account – which is not ideal and is not recommended.

Section I: Protecting Files Under WordPress

This is the easiest way to protect files on your server, in DAP.

1) Upload them to your WordPress blog when you are writing a new post. All such files will be stored in a folder called “wp-content/uploads/….“.

For large files, you could simply upload them directly using FTP, directly into the “wp-content/uploads/” folder and DAP is configured right off-the-shelf to “look” for any file inside the “wp-content/uploads/” folder. But once the file is under the “wp-content/uploads/…” folder (either directly under it, or under a sub-folder, like wp-content/uploads/videos/), you will now still need to let DAP know that this file is to be protected as part of a Product.

NOTE: You DO NOT have to upload files using the WP file uploader (like some of our competitors force you to do!). You can use regular, plain ol’ FTP, using a client like FileZilla or CuteFTP, or your webhost cPanel’s FTP feature.

2) Go to the product you wish to protect the file as part of, and then scroll down to the “ContentResponder” section.

2.1) If you know (or can figure out) the full URL to your file – like http://www.YourSite.com/wp-content/uploads/coolreport.pdf – you can simply paste that directly into the field “A” (in the image below)

2.2) Or, if you can’t figure out the full URL, then you can enter “wp-content” (if your blog is directly in your root folder) – or “blog” or “members” (if your blog is not in your root, and is in a sub-folder) into field “B” below, and then click on “Load Files”, and it will show you all files under that folder. And you will be able to scroll through and look for your file. And there click on the “Add” link right next to that file name you wish to protect.

Once you do (2.1) or (2.2) above, the file will get added to the Product, and will now be protected.

Section 2: Protecting Files Outside of WordPress

This is NOT RECOMMENDED, unless you are technical and you know what you’re doing.

There is a one-time setup process involved, if you wish to protect files outside of your WordPress directory.

1. You need to add the following code to the .htaccess in the root of your web site. So, in your web site’s root folder (where you have your home page – like index.php or index.html for example)…

i) if you already have an existing .htaccess file there, then just open it, COPY the text from below and PASTE it at the very end of this file.

ii) If there is no .htaccess in your root folder, then create one, and then open it, COPY the text from below and PASTE it at the very end of this file.


NOTE: BE SURE TO MAKE A BACK-UP OF YOUR EXISTING .htaccess FILE FIRST

#Paste this at the very end of your .htaccess file
#in your web site's root folder

<IfModule mod_rewrite.c>
#dap
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !dapclient.php
RewriteCond %{REQUEST_URI} !^/dap/
RewriteCond %{REQUEST_FILENAME} !(.*)(\.php|\.css|\.js|\.jpg|\.gif|\.png|\.txt)$
RewriteRule (.*) /dap/client/website/dapclient.php?dapref=/$1&plug=wp&%{QUERY_STRING} [L] </IfModule>

 

Doing the above enables file protection for files outside your WordPress installation folders.

2) Now go to the DAP Product you wish to protect the file as part of, and then scroll down to the “ContentResponder” section. Then…

  • If you know the full URL to your file – like http://www.YourSite.com/reports/coolreport.pdf – you could simply paste that directly into the field “A” from the image above (make sure you “visit” this URL first and verify that there is actually such a file at this link)
  • OR… if you can’t figure out the full URL, then you can enter the text “reports” (the name of your top-level folder where your file is) into field “B” from the image above, and then click on “Load Files”, and it will show you all files under that folder. And you will be able to scroll through and look for your file. And there click on the “Add” link right next to that file name you wish to protect.

The file is then added to the Product, and will now be protected as part of that Product.

That’s it.

Testing File Protection

Open a different browser (not different window – a totally different browser – like, if you’re logged in as DAP admin in FireFox, then open IE)  and try to access your file directly and see if DAP redirects you to the login screen.

If not, take a deep breath – it’s NOT DAP 🙂

It’s just that you probably missed something during the setup.

Revisit the steps above, and if you still can’t figure it out, you might want to think about uploading the file to Amazon S3.

This feature can be hit-or-miss depending on server software, PHP version, security software on your server, etc. So if it works, then great.

If it doesn’t work, then it is specific to your server. So if you want us to log in to your site and troubleshoot this, if you are a Platinum member, we can do this for free.

And if you’re not a Platinum member, you will have to purchase a premium support slot in order for us to log in to your site and troubleshoot this.

So while you can try it and see if it works, especially if you’re protecting just a couple of ebooks and reports, if it doesn’t work, then it’s in your best interest for the long-term, to switch to Amazon S3 for hosting your premium files.

Recommended Reading

If you have a number of large files to deliver to your members, then you should consider hosting your files on Amazon S3. And here’s why…