Defend Your Thank You Folders From URL ... Robert PlankIf you sell ... ... you're going to have a thank you page (a URL where the buyer is ... after a sale). With just a c
Defend Your Thank You Folders From URL Guessers
By Robert Plank
If you sell downloadable products, you're going to have a thank you page (a
URL where the buyer is redirected after a sale). With just a couple lines
of HTACCESS code you can make that folder airtight.
You shouldn't be putting a buyer through a mandatory signup process to
download the product. They already paid, just give them the file right away
and offer a chance to opt-in for updates later. Otherwise you'll be getting
lots of support e-mails from people asking where the product is they just
paid for.
It's always smart to name your thank you page something with a number -- a
name like postorder735.html or thank-you-9987.html will do. You just want
to make this impossible to guess.
When it's possible I like to separate the sales page from the download, so I
stash them in a folder called something like "download" or "order."
Problem: If you have these separate folders, these URL guessers can see the
contents of them.
The obvious solution is to put an index.html in the folder, which keeps its
contents from being listed... but what if you have, say, 25 of these
folders? Do you need 25 index.html files?
No, and that's where HTACCESS comes in. Open up a new text file in Notepad
and put this text in exactly:
Options -Indexes
Then save the file as: .htaccess (WITH that dot in front)
Upload it to the root of your web site. Now, if you try to view the
contents of a folder that's missing an index.html file, your browser will
show a "403 Forbidden" error.
Don't worry, this won't block out all files. It will simply keep a guesser
from viewing a list of what files are in a given folder.
If you don't want to see that ugly generic Forbidden page, you can supply
your own by adding this line to that .htaccess file of yours:
ErrorDocument 403 /sorry.html
Now you can put your message into a HTML file (maybe it could be a link to
the main page of your site), put it into a file named sorry.html and upload
it. Now you'll have a friendly notice that says anything you want.
One last bonus tip for you. If your forbidden message is extremely short,
you don't even need to create a separate HTML document. If it's possible
for your message to fit all on one line you can remove that ErrorDocument
line above from your .htaccess file and put in something like this:
ErrorDocument 403 "Sorry...
I'm aware that there is a starting quote and no ending quote. That's just
how you have to type it. If you put in a quote at the end there it would
show up in your HTML document. I know it looks funny, but it works.
Remember that "Sorry..." text is HTML so you could put in line breaks,
links, bold tags, H1, H2 tags, and so on. It's all up to you.
PHP Scripts Don't Have to End in .PHP
PHP Scripts Don't Have to End in .PHPBy Robert PlankIf you tweak your site to perform better in search rankings then you practice the science of Search Engine ... (SEO). It's possible to starUpdate Prospects' Calendars Without Breaking And Entering
Ever scheduled an event like a teleseminar or product launch? Hopefully they'll copy down all the details correctly, adjust the time to match their time zone, AND actually remember to attend. Luckily there's an easy way to do all this by marking your visitor's calendar with just a couple of clicks using Microsoft Outlook.Autoresponders With PHP
First off, check out the URL below. You'll learn how to make that today. ... ... Fill out your e-mail address on the page you see. (I promise it's not being saved a