So I’m having a problem finding a good membership software script that looks nice, isn’t thousands of dollars, & does this…
capable of blocking user logins based on a cookie that is created when they register? and can that cookie be reset? In other words, is it possible to restrict member logins to one computer or device (they may be logging in from tablets or smartphones)?
Most membership software only blocks IP addresses & that doesn’t work. I have Amember for another site & I had HUGE problems when that IP blocker was turned on. The first client I got I had to remove it because the IP address kept changing.
So, my website coder came up with a better solution (the one above).
So, when a user logs in for the first time, you want to restrict them to only being able to log in using that specific device/computer?
Doesn’t that defeat the purpose of a website or web-based application that visitors can access from anywhere? Or am I misunderstanding what you’re asking?
So what happens when the cookie gets deleted (by their security software or because they have too many other cookies stored)? Does that mean they then can’t access the site at all?
Browsers have the option of deleting cookies after the browser is closed. Some people do it manually. It’s best not to assume that cookies stick around on a visitor’s computers.
By then they will have probably already printed off their business kit. If they need access again, they reach out to me.
That seems quite inefficient given what I said above.
What exactly is the flow here? Someone visits your site, purchases something, an is then presented with a page where they can download the product?
I know, but again, unless someone sets it that way, that’s not the default of browsers.
Yes.
I have been using security software for ebooks for years (since 2002), but each one of them is TERRIBLE. I’ve been through 3 companies & either the clients have HUGE problems opening the files either b/c the clients are computer illiterate despite my clear instructions, or there are bugs in the software, or their tech support is terrible.
This last company Secure ebook (www.secure-ebook.com) just ruined my relationship with 3 clients. They claim they get back to you within 48 hours, but they never did. I had to call & leave messages at least 5 times & then e-mailed about 5-10 more. They responded back & did nothing. I sent tons of screenshots & error messages & they are clueless.
I lost tons of money trying to get my website coder to go onto one client’s computer to try & open the files & it wouldn’t. He also tried on his computer & I tried on mine & we both couldn’t open the files. I finally had to give them insecure files which I NEVER do. It was either that or lose him. So no, don’t recommend doing that. It’s not an option for my proprietary material & I don’t sell enough to put a ton of work into drip feeding them the material. They need it all at once.
At this point I will be suing Secure ebook, as they are totally ignoring me & they even admitted in one email that they had issues, but refused to explain when it would be fixed. I just e-mailed the owner & the Vice President on Friday.
Since this seems to be a recurring issue with every company I’ve purchased from & the other solutions are just TOO expensive, or they don’t have the features I need, I have to find another solution, as this makes ME look bad. The only reason a client will have a less than perfect experience with me is b/c of these terrible companies.
So, the only other alternative we came up with is to make each PDF into an html page & then get a membership software program & do what we mentioned above so they can’t pass out the login to others.
Some people have their security set to delete cookies even more often than that. Some don’t even allow cookies to be saved in the first place and only allow them to exist while the browser is open.
Even if a cookie isn’t deliberately deleted it can disappear for a range of reasons. The only thing certain is that on the occasion when they need access urgently the cookie will be gone.
Using IP address is far more reliable than using cookies - at least an IP address identifies a specific Internet Service Provider.
I guess we will. At least until the conversion of the internet frim IPv4 to IPv6 is complete and everyone will be able to have millions of IP addresses that belong specifically to them and can allocate a specific unique IP to each function on each device they own.
Yeh if I knew their IP address wouldn’t change often, I’d take that security measure no problem, but after the first time it happened that the first client couldn’t get in & Amember was saying that it was b/c of different IP addresses, since I couldn’t very well accuse them without any proof that they were trying it on multiple computers, I had to shut that feature down & it was useless to me.
I agree. Tying the download to an IP address is a bit more reliable than using cookies, which are wildly unreliable. Also, what’s going stop someone from copying a cookie from one place to another?
If you’re really concerned about folks stealing content, have you looked into DRM? Personally, I’ve always advocated against DRM, but in your case, I can’t really think of a good technical solution. If you email the product, they could still share it. If you only provide access to the download with a username and password, there isn’t much stopping folks from sharing the username/password or the download after they’ve downloaded it.
It’s complete and up and running–not everyone is using it though. A majority of the Internet is still using IPv4.
I agree. That’s exactly what would happen if someone wanted to bypass the supposed security implemented via the cookie. At least with an IP address you can’t copy it to everywhere.
All the thieves would end up with a copy of the cookie while the legitimate purchaser would be denied access because their system security deleted the cookie because they didn’t specifically tell the software to keep that specific one. Or if the legitimate purchaser didn’t have security software installed then the cookie would drop out because of the hundreds of spam cookies being saved exceeding the cookie limit.