13

Unlocking Users

DAP has a feature where if a user logs in from more IP addresses than what you’ve configured as DAP Admin (default: 5) under “Setup > Config > Advanced > Max. # of User Logins From Different IP’s” , then the user’s account automatically gets “Locked”, and both the user and you (the admin) will get an email notifying you that the user’s account has been locked.

You could then unlock them yourself, or wait for the user to send you an email and ask to be unlocked.

How to Unlock Users

1. Search for the User by email on the “Users > Manage” screen
2. Click on the name or user id. You will now be taken to the “Edit User” screen where you can see the user’s full details
3. Next to user’s name, you should see a button called “Unlock User” (you will see this only if the status of the user is “Locked”, and won’t see it for other regular users).
4. Click on the “Unlock User” button. That’s it. When you click the “Unlock User” button, the user’s login records are deleted, and the previously recorded IP addresses are deleted. So user basically starts with a fresh, new login count.

TIP: If your users are getting locked out too frequently, and you don’t want the hassle of unlocking them regularly, simply set the count to a higher number – like 20. Or you can also disable login IP check for individual users, or for your entire web site as a whole.

41

Cancellations and Refunds

Cancellation Of Ongoing Subscription

DAP employs a very unique “Pay As You Go” model.

It’s very similar to the “Pay As You Go” model used by cell phone companies.

You pay first, then new content (or “cell phone minutes” in the mobile world) gets released to you. You stop paying, you don’t get new content (minutes).

So let’s say a member (Joe Customer) joined your membership site this month, and this is January. So he’s on Month #1 in January.

When he first signs up (free or paid trial, or actual 1st month’s subscription), then his start and end dates in DAP on your site look like this:

Start date: Jan 1, 2009
End date: Jan 31, 2009

(Of course, DAP uses actual dates like “01/01/2009”, but “Jan 1, 2009” is easier to read for most people, especially an international audience – so using the above date format just for the purposes of this post).

Then, let’s say, his February subscription payment comes in. Now DAP “extends” his access to your content by a month. So now the dates look like this:

Start date: Jan 1, 2009
End date: Feb 28, 2009

Now your member Joe has access to all content from Jan 1 to Feb 28 (meaning, about 60 days worth of “dripped content”).

Then end of February, he decides to cancel his membership for whatever reason (or his credit card gets declined or rejected while processing payment for Feb). So no payment comes in for March.

Now because no payment came in, DAP doesn’t really do anything about his access dates. So they continue to stay at:

Start date: Jan 1, 2009
End date: Feb 28, 2009

So any content that you have configured to be dripped on, say, Day #61 (which is Month #3), won’t be available to Joe, even though he continues to remain an “Active” member within DAP, and continues to get your autoresponder and br0adcast emails, and even continues to have access to your affiliate program and continues to earn commissions.

Actually, it gets even better – just because Joe’s end date expired, he basically now has NO access to ANY content on your web site (even Month #1’s content).

[Note: Just so you know, DAP does have a feature to enable “Access to Previously Paid-for Content”. Keep reading for details.]

Now all Joe has lost is just the “access to the content”.

So let’s say you exchange emails with him, ask him why he wanted to cancel, and try to convince him to come back (or get him to use a new, valid credit card).

Now remember that Joe is still at the end of February’s content (Month #2). So whenever the next payment comes in (be it in March, April, or 1 year later), Joe now gets access only to the 3rd month’s content, and not, say, the 10th month content.

So even though it is now say, May, because Joe’s next payment came in just now, his access dates now look like this:

Start date: Jan 1, 2009
End date: March 31, 2009

So that’s how DAP takes care of your content and makes sure that when members cancel or their payment doesn’t come in for whatever reason, your content cannot be accessed by unauthorized users.

But let’s say you want to be really fair and look like a “generous, honest” guy to your members. In that case, you want to make sure that if someone cancels their subscription 6 months after being with you, you don’t want to ‘screw’ them just because they stopped paying you. Who knows, they’ll probably come back if you keep showing to them what kind of content you’re building. Or they may buy your other products.

So now you want to make sure that they get access to the last 6 months worth of content, for which they have actually paid for.

There is a Configuration element in DAP where you can just turn this feature on, and members can instantly start access all “Previously Paid-for Content”.

So that’s how DAP puts a unique twist on cancellations.

 

Cancellation Of Trial

There is a small twist to the cancellation of a free or paid “Trial”. Consider the following example:

• User made the purchase on 2011-09-16.
• Because you have set it up as a 14-day trial, User gets 14 days of access.
  So at this time the user’s access start date = 2011-09-16 and user’s access end date = 2011-09-29  (14 days access).
• He then asks you to cancel his trial. So you go into your payment processor back-office, and cancel his future payments.
• In this case, because it’s a “trial”, if he ever decides to come back down the road and sign up for a trial again, you need him to start all the way AT THE BEGINNING.
• Which means, you must completely remove this person’s access to the product in DAP.
• If you don’t do it, then if he does come back later, then DAP will think he’s an existing user who wants to RESUME his subscription, and will move him past the trial into the next payment period meant only for people who actually stayed past the trial.

 

Refunds

“Refunds” are a slightly different animal than “Cancellations”. While a subscription “Cancellation” means you only have to stop access going forward, a “Refund” means you have to actually roll-back existing access.

So, doing a refund takes a few steps.

1. Go into your payment processor (like Paypal.com, Authorize.net, etc) and refund the actual payment
2. Now log into the DAP Dashboard on your site
3. Go to the “Orders” page, search for all of the user’s transactions by her email id
4. Click on the “Id” link for the transaction that you wish to refund
5. On the transaction details page, you will see a “Refund” button. Click on that.
6. That will mark that transaction as a refund, and also create a new transaction with a negative value (same as value of original transaction, except negative in value)
7. DAP then rolls-back access for that user by one payment period (or “Recurring Cycle #3” from the Product page). So if member is still in month 1, then user will lose complete access to the product. But if member is on month 3, then since only one payment is being refunded, only the last month’s access (month #3’s access) will be rolled back – so now they only have access till month 2.
8. Go back to “Manage > Users” screen, search for user by email, and make sure access is either rolled back, or access has been completely removed for that member.
9. All Affiliate commissions credited to affiliates for this particular purchase will be automatically and completely rolled back. So the affiliate who referred this purchase, will see a negative commission credited to their account, that cancels out the positive commission credited earlier. So that in effect zeroes out their commissions.

4

Removing User Access To A Product And Deleting Users

Expired Users

Users whose access has expired – i.e., today’s date is greater than the access end date for a specific product – automatically lose access to all of the content within the product. You don’t really have to do anything to prevent them from not accessing the content.

NOTE: If you actually *want* your members to have access to previously paid for content (content that they were paying for before their account expired), then you can do that by setting the config field “Setup > Config > Advanced > Allow access to previously-paid-for content even after subscriber cancels?” to “Y”. If this is set to “N” (which is the default setting), then as soon as a member’s account expires, they automatically lose access to all content in the product.

Manually Removing Complete Access to a Product

1. First search for user in the “Users > Manage” screen.

2. At the end of the user’s row of information, you’ll see a link called “Remove”. If you click on this link, the user will completely lose access to the Product – like they never ever had access to it. You will lose all history on that specific product access (when did they first sign up for that product, when they expired, etc). So use caution when completely removing access in this manner. Of course, nothing happens to the user data itself. And their actual order information (“Orders” page) also remains intact, and you can view it on the “Orders” page by searching using a transaction number or email id. It’s only the user’s access to the specific product that is removed.

Rolling Back Access to a Product

If you just want to roll-back access by a month, instead of completely removing access, then you can do this from the “Users > Manage” screen, by searching for the User first, then checking the check box next to their record, and then selecting the “Rollback Access for Selected User(s) to the Product by 1 Recurring Cycle” and picking a product name from the drop-down.

Deleting users

If you wish to completely remove the users from your database, then check the check-box next to the user’s row, and then in the upper right hand section, click on the “Go” button next to the text “Fully Delete Selected Users from the database”. That should do it.

16

Protecting An Entire WordPress Category

You can protect an entire WordPress “Category” in your WP blog, simply by adding the “Permalink” of that category to a “Product”, just like you would protect the permalink of a blog post or page.

Please note that on the DAP Product page, you will only see the permalinks to Pages and Posts, not Categories. So the category permalink is something you would have to figure out (it’s very easy) as shown below, and then directly add that permalink to the DAP Product.

Figuring Out The Category Permalink

So, browse to your blog in your browser, visit the category that you wish to protect on your blog.

If your blog is in the root, it will look like….

http://www.digitalaccesspass.com/category/my-category-name/

If your blog is in a sub-folder called, say, “blog”, then the link will look like…

http://www.digitalaccesspass.com/blog/category/my-category-name/

So copy the link that you see in your browser (this is the “permalink” for that category), log in as DAP Admin, and add it to one of your products. That’s it.

Just protecting the category will protect all posts assigned to that category, be it posts that were already assigned to it, or posts that you will be creating in the future and assigning to that category.

IMPORTANT

When you add an entire category of posts to DAP, then all posts in that category – posts currently in that category, as well posts you will be adding in the future under that category – will all become automatically protected.

So if you add the entire category to DAP and then configure that “link” to be available on a certain day, or date, then remember that ALL posts within that category will automatically become available on that day or date.

WARNING 1

Also remember that because you are adding an entire category of posts, and not individual posts, you won’t be able to configure individual posts within that category to be dripped at various times. Only the “category” link can be configured to be dripped, and not the individual posts within it.

ALTERNATIVE

Please note that when you protect a category in DAP, then all posts that are assigned to this category will drip at the same time. It’s not possible to drip the category itself on “Day #X” and then drip the posts within on different days. It’s ALL OR NOTHING when it comes to category protection.

So if you want a much more tighter control on the dripping, then better to use Pages and Sub-Pages in WordPress.

Since you would anyway need to set up a dripping “day” for each piece of content, it is actually highly recommended that you drip them as Pages and not posts.

So let’s say you create 3 pages:

http://yoursite.com/Month-01
http://yoursite.com/Month-02
http://yoursite.com/Month-03

Then there would be sub-pages (Pages which have above Pages as the Parent) under each of these, like…

http://yoursite.com/Month-01/Week-01
http://yoursite.com/Month-01/Week-02
http://yoursite.com/Month-01/Week-03

Etc.
So then you can drip a Page on Day #1 (say), and then drip the sub-pages on Day #2, #3, etc.

That’s the easiest, best and most convenient set up, especially if you want a great deal of control over the dripping, and also don’t want anyone to see even any links or hints regarding what else is coming.

IMPORTANT

If you do category protection, then you MUST use a custom error page. So basically, create a custom error page – like http://YourSite.com/error/ – and then use that as the “Error Page URL” of the product under which you’ve protected the category, and also the Error-Page URL (Global) under setup config.

Troubleshooting

If you protect a category, and you can still access all of the posts assigned to that category, then it could mean…

1) You are already logged in as a user who does have authorized access to the product under which the category is protected. Or,

2) It means you have turned on “Sneak-Peek” but haven’t inserted any more tags into your posts, so the entire posts are showing up unrestricted. In which case, you will either need to turn off Sneak-Peek, or keep sneak-peek on and insert more tags into all of your posts.

22

Protecting Files

DAP File Protection

DAP is one of the few membership plugins that can protect all kinds of web site files on your web site. But this feature comes with a few caveats. Read this page completely before you decide.

DAP can protects files “in-place” – meaning, the exact same files that will actually be accessed by your members when they’re eligible to.

Most other membership plugins resort to all sorts of “gimmicks” – like hiding the real location of the main file, cloaking it, trying to obfuscate the link, etc.

Not only is it a inefficient way of securing files, but it’s also extremely insecure.

On top of that, with other membership plugins, you cannot send protected links via email, because that would then give away the location of the true file, which they are not protecting.

DAP is among the very, very few membership plugins that protect files in place, which means even if the true location of the file is passed around by your members to their non-member friends, the file cannot be accessed without having to log in first with a valid member account that is actually eligible to access that file.

DAP provides the ultimate security for your files – and ultimate peace of mind for you – like no other plugin can, knowing that your content can never be illegally shared online with un-authorized users.

And DAP can protect any kind of file – including videos, audio, images, reports, zip files, even Javascript files – with any kind of extension: like .pdf, .doc, .zip, .jpg. .js, .mp3, .mp4, .mov., etc etc.

RECOMMENDED: Amazon S3 File Storage

Highly Recommended

The ideal and best way to store files is to store them on Amazon S3, and then use a plugin like our own S3MediaVault.com to insert secure, expiring links to those files within your WordPress pages. That way, the page itself is protected by DAP, your files on Amazon S3 are protected by the S3MediaVault plugin, and you have two layers of protection for your content.

If you decide to store your files on Amazon S3, then ignore the rest of this article, and head over to Storing files on Amazon vs your Webhost

The steps below are only useful if you are going to use all of your files on your own web hosting account – which is not ideal and is not recommended.

Section I: Protecting Files Under WordPress

This is the easiest way to protect files on your server, in DAP.

1) Upload them to your WordPress blog when you are writing a new post. All such files will be stored in a folder called “wp-content/uploads/….“.

For large files, you could simply upload them directly using FTP, directly into the “wp-content/uploads/” folder and DAP is configured right off-the-shelf to “look” for any file inside the “wp-content/uploads/” folder. But once the file is under the “wp-content/uploads/…” folder (either directly under it, or under a sub-folder, like wp-content/uploads/videos/), you will now still need to let DAP know that this file is to be protected as part of a Product.

NOTE: You DO NOT have to upload files using the WP file uploader (like some of our competitors force you to do!). You can use regular, plain ol’ FTP, using a client like FileZilla or CuteFTP, or your webhost cPanel’s FTP feature.

2) Go to the product you wish to protect the file as part of, and then scroll down to the “ContentResponder” section.

2.1) If you know (or can figure out) the full URL to your file – like http://www.YourSite.com/wp-content/uploads/coolreport.pdf – you can simply paste that directly into the field “A” (in the image below)

2.2) Or, if you can’t figure out the full URL, then you can enter “wp-content” (if your blog is directly in your root folder) – or “blog” or “members” (if your blog is not in your root, and is in a sub-folder) into field “B” below, and then click on “Load Files”, and it will show you all files under that folder. And you will be able to scroll through and look for your file. And there click on the “Add” link right next to that file name you wish to protect.

Once you do (2.1) or (2.2) above, the file will get added to the Product, and will now be protected.

Section 2: Protecting Files Outside of WordPress

This is NOT RECOMMENDED, unless you are technical and you know what you’re doing.

There is a one-time setup process involved, if you wish to protect files outside of your WordPress directory.

1. You need to add the following code to the .htaccess in the root of your web site. So, in your web site’s root folder (where you have your home page – like index.php or index.html for example)…

i) if you already have an existing .htaccess file there, then just open it, COPY the text from below and PASTE it at the very end of this file.

ii) If there is no .htaccess in your root folder, then create one, and then open it, COPY the text from below and PASTE it at the very end of this file.

NOTE: BE SURE TO MAKE A BACK-UP OF YOUR EXISTING .htaccess FILE FIRST


#Paste this at the very end of your .htaccess file
#in your web site's root folder

<IfModule mod_rewrite.c>
#dap
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_FILENAME} -f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !dapclient.php
RewriteCond %{REQUEST_URI} !^/dap/
RewriteCond %{REQUEST_FILENAME} !(.*)(\.php|\.css|\.js|\.jpg|\.gif|\.png|\.txt)$
RewriteRule (.*) /dap/client/website/dapclient.php?dapref=/$1&plug=wp&%{QUERY_STRING} [L] </IfModule>

 

Doing the above enables file protection for files outside your WordPress installation folders.

2) Now go to the DAP Product you wish to protect the file as part of, and then scroll down to the “ContentResponder” section. Then…

• If you know the full URL to your file – like http://www.YourSite.com/reports/coolreport.pdf – you could simply paste that directly into the field “A” from the image above (make sure you “visit” this URL first and verify that there is actually such a file at this link)
• OR… if you can’t figure out the full URL, then you can enter the text “reports” (the name of your top-level folder where your file is) into field “B” from the image above, and then click on “Load Files”, and it will show you all files under that folder. And you will be able to scroll through and look for your file. And there click on the “Add” link right next to that file name you wish to protect.

The file is then added to the Product, and will now be protected as part of that Product.

That’s it.

Testing File Protection

Open a different browser (not different window – a totally different browser – like, if you’re logged in as DAP admin in FireFox, then open IE)  and try to access your file directly and see if DAP redirects you to the login screen.

If not, take a deep breath – it’s NOT DAP 🙂

It’s just that you probably missed something during the setup.

Revisit the steps above, and if you still can’t figure it out, you might want to think about uploading the file to Amazon S3.

This feature can be hit-or-miss depending on server software, PHP version, security software on your server, etc. So if it works, then great.

If it doesn’t work, then it is specific to your server. So if you want us to log in to your site and troubleshoot this, if you are a Platinum member, we can do this for free.

And if you’re not a Platinum member, you will have to purchase a premium support slot in order for us to log in to your site and troubleshoot this.

So while you can try it and see if it works, especially if you’re protecting just a couple of ebooks and reports, if it doesn’t work, then it’s in your best interest for the long-term, to switch to Amazon S3 for hosting your premium files.

Recommended Reading

If you have a number of large files to deliver to your members, then you should consider hosting your files on Amazon S3. And here’s why…

19

Protecting WordPress Posts & Pages

• Log in to DAP Dashboard and go to the “Products/Lists” page.
• Select the product to which you want this blog post/page to be a part of
• Scroll down to the “ContentResponder” section
• On the left, you will see a list of blog posts & pages that have been published (if you scroll down in the window where the list of “posts” show, you will also see list of “pages”)

• Select one or more (hold Ctrl + Click to select multiple)
• Click on “Add Selected Posts/Pages” to protect the posts/pages.
• The post(s)/page(s) will now show up on the right-hand side of the box.
• Click on “edit” next to each link to configure dripping for individual posts/pages.

25

Creating A Login Page Within WordPress

Now DAP already provides you with a built-in, out-of-the-box login form, at YourSite.com/dap/login.php . But if you want to put this form “within” your WordPress blog, so as to give your login form the same Look & Feel as the rest of your blog, then do this…

1) Create a WordPress Page (not “Post”) with the text %%LOGIN_FORM%% in the body of the page, and a title of say, Login, and save the new page. If you used the text “Login” for the title, then the actual link to this page would be YourSite.com/blog/login

2) This page now shows up as “Login” along with the rest of your “pages” on your blog.

3) Go to DAP Admin > Setup > Config . Scroll down to the field Login URL

In the text box, enter the full link to your login page from Step 1:
http://YourSite.com/blog/login

Or if your blog is in the root, then…
http://YourSite.com/login

That’s it! When someone clicks on the “Login” link that now shows in your “Pages” menu, they will now see a nicely formatted login form.

Related: Where is the Logout Link?

12

Using Sneak-Peek For Blog Posts

By default, none of the posts or pages you have protected in DAP will be visible in any of the WP menus (not even in custom menus).

Which means, as far as your visitors (or search engines) are concerned, those posts/pages don’t even exist in your blog – until the content “drips” on them.

Some DAP users want it that way, and some don’t.

Also, from an SEO perspective, if your visitor (who is not a member, and one who is not logged in) can’t even see the post, then neither can Google. This means, if you do a blog-and-ping, when Google arrives at the permalink of your new post, because the post is protected, DAP will redirect Google to your login page. This means, you don’ get the benefit of SEO for your new post.

Also, from a “Curiosity” standpoint, if you protect all of the posts, then your visitor will only see a handful of non-protected blog posts, and logged-in members will see only content that has already dripped on them (accessible to them).

Giving them a “sneak-peek” of the protected content is a great way to get them excited about your content.

So for example, you could have a blog post that talks about a video, and goes into detail about everything that they can learn from watching the video – but the content ends just before the video, and where the video would’ve normally appeared, there appears a “Login Form” that asks them to login first before they can view the content, or purchase access if they wanted to see the video.

How to turn on Sneak-Peek

Go to DAP Dashboard > Config > WordPress Sneak-Peek

It is set to “N” (no) by default. Change this to “Y” and click on the “Update” button to save the change.

And then when they click on the “more” button to read the rest of the post, the full post is protected anyway, and they are presented with a login screen.

WARNING: READ THIS BEFORE YOU TURN ON SNEAK-PEEK

As soon as you turn on Sneak-Peek, DAP will show all content from your blog posts, but only up to the “More” tag. This means, if you don’t have a “More” tag in any of your content, then all of your blog posts will show to all users, regardless of whether they have access or not.

So, the most important thing here is this:

SNEAK-PEEK and MORE are INSEPARABLE.

If you do sneak-peek, you MUST include a “More” tag.

So when you create a WordPress blog post, split the post into two parts using the “More” tag. This creates a “public preview” portion of the actual post, that shows up on your blog’s home page and in the permalink when that post is displayed. To read the rest of the post, your visitor has to click on the “More” link, and that’s when depending on whether the user has access, the rest of the post will be displayed.

0

DAP WP LiveLinks Plugin

Once you install this plugin, when someone visits your blog, they will ONLY see posts that they are “eligible” to view. This applies to your blogs main page as well.

So, if a casual visitor arrives at your blog, they only see titles and their summaries for posts that have NOT been protected (not added to DAP at all).

For instance, if you have 100 posts, and have protected 95 of them, then on your blogs home page, this visitor will see only 5 blog posts – titles and summaries – in TOTAL.

They wont even see the titles or bodies of the protected posts. And if they somehow get the link to it (from someone else, by email, say) and try to visit it, then the existing DAP protection kicks in, and theyre asked to login first to determine if they have access to that post “as of now.

But once this same visitor logs in, all blog posts that were HIDDEN earlier MAGICALLY re-appear And they see all posts that they are CURRENTLY eligible to access (this excludes posts to which access already expired, and posts to which they dont have access YET – i.e., future availability).

If you want a certain portion of even your protected posts to always show up, even if the user is not eligible to see the post, see DAP “Sneak-Peek”.

This plugin lets you do two other things:

1) You can PERSONALIZE blog post titles and content with MERGE variables.

So, if you create a blog post with the title “Welcome %%FIRST_NAME%%“, then when your member logs in, they will see “Welcome John“.

Available merge variables;

%%FIRST_NAME%% –  Gets replaced with their first name

%%EMAIL%%  – Gets replaced with their email

%%MEMBER_HOME_PAGE%% –  Gets replaced with the ‘login’ page

2) You can also put the Login Form on any WP “Page”.

20

Protection: WordPress Blog Posts and Files – FAQ

How do I protect a blog post?

1. Log in to DAP Dashboard and go to the “Products/Lists” page.
2. Select the product to which you want this blog post to be a part of
3. Scroll down to the “ContentResponder” section
4. On the left, you will see a list of blog posts & pages that have been published
5. Select one or more (hold Ctrl + Click to select multiple)
6. Click on “Add Selected Posts/Pages” to protect the posts/pages.
7. It will now show up on the right-hand side of the box.
8. Click on “Edit” next to each link to configure dripping.

How do I protect a file?

Use the “File Browser” on the “Products/Lists” page to browse through a folder on your web site, and next to each file, you will see an “Add” link. Clicking on that link will add that file to the product.

I have protected a blog post. But I can still view it without logging in.

1. Are you already logged in a a user who has access to that link? Maybe logged in as DAP Admin, and that is why you are able to access the link? If so, either log out of DAP, or visit your blog in a completely new browser (if you’re logged in as DAP Admin in FireFox, then visit your blog using Internet Explorer).

2. After you set up DAP, did you visit the “Permalinks” section and click on the “Save” button at least once (even if you didn’t make any changes to your permalinks structure)?

3. Have you added the blog post to a Product? If you don’t add it to a DAP Product, the post or file won’t be protected.

Can I protect an entire category of posts at one go?

Yes, absolutely!

See Protecting An Entire WordPress Category.

Why do I see all of the protected posts on my blog’s home page? (OR) I don’t want the links to all my blog posts showing up on my blog

Make sure you have “Sneak-Peek” turned off in the DAP Admin Config section. Once you do that, posts that are protected will not be displayed on the home page as well as if someone tried to visit the link directly.

When I try to browse through the files on my server, on the Products page, I get a  popup error msg that says ‘There was an error returning data”.

(OR)

When adding Folder name ‘To Protect Files’ option the js loader keeps on loading.

On looking at the Error Console of the browser it shows the error”Error: missing ) in parenthetical”
Source File: http://www.yoursite.com/dap/admin/addEditProducts.php?productId=1
Line: 29, Column: 8
Source Code: (Unable to open ../../../AdminSorry, too many files being returned. Please use filter to reduce the number.)

Answer: Those are all symptoms of the same issue: Too many files to load in the little “file browser” section, and DAP is timing out.

If you know the path to the file, then just form the URL directly in your text editor – like…

http://www.yoursite.com/wp-content/uploads/interview.mp3 (example)

Visit the link to make sure that there is no typo in the URL, and make sure that the file is there for download (you’ll see the “Download or Save as” popup).

Then simply paste that URL into the Add URL field and protect it.