How to make Trial Plugins for 10 days
-
@d-healey I am asking when we deliver the plugin It will be a good idea for Hr1 file and the .VST3 or VST or .component file should be sent separately. And should be hosted separately.
-
@DabDab There's no advantage to hosting them separately. The plugins should be bundled into an installer, one for each OS, no need to use an additional archive format for those. The samples should be in hr format which is equivalent to a zip archive. So the user should get at least 2 downloads, one for the plugin installer and one for the hr1 archive. If you have installers for multiple platforms, or lots of samples split into multiple hr files then the user will get more download links.
Can they steal Wordpress Digital Selling Plugins (Woocommerce) download link?
It depends on how you have setup your site. I use Amazon S3 links through WooCommerce, the links expire after a time limit so sharing them wouldn't allow someone else to download once the link has expired. You can also set up your site so that links require a user to be logged in to work.
-
@d-healey Great.. when the link expires how the new links are generated?
Let me clear.. I want to purchase your Piano (just assume :beaming_face_with_smiling_eyes: ) Natan has already purchased and Downloaded so the links have been destroyed. How do I download the same product? Do you every time re generate the downloading link? -
@DabDab said in How to make Trial Plugins for 10 days:
when the link expires how the new links are generated?
It's automatic. When the user is in their account and they click download, WooCommerce generates a time limited link.
-
@d-healey That means you have to set Downloads Types (from woocommerce settings) to Always Redirect. Right? Because by default Woocommerce sets it to Bruteforce. In bruteforce mode Links don't work well. It download random file (gibberish) .
-
@DabDab For a long time I had mine set to x-accel. But then I realised this was running the traffic through my website, which was not good! I spoke to WooCommerce and they said to use Redirect Only, it's marked as insecure in the WooCommerce settings, but if you're using the Amazon S3 plugin it's fine.
-
@d-healey Yeah.. I guessed right.. :)
-
Another thing you can do is limit the number of downloads the user has, I limit mine to 10. Very occasionally a user asks for more but most users don't download more than once.
-
@d-healey Yeah.. However 3 is sufficient.
-
@DabDab Lets Say they want to crack a Plugin From our devs here...at hise.
First They Look for Unlockable Demo Installers.
If exist they will Crack that Version.If There was A Demo version, Based on Serial Numbers, They will make a Fake account then Get the Demo, and Crack the Installers.
They never Buy Anything from you, me or anyone else,
People Provide The installers to Some Trusted People, Then They Get The Installers from that guy and Do the Crack. ( why trusted people, Because of keeping their Identity Hidden )And I don't think you can Track The personNo matter how many You sold. The Installers are Clean of Personal Information.
They can't hack your Server, Or do Phishing, But can Create Emulators That can Fake call your Host, and return The Valid License Found message.
This usually used for the protections Types that Has A Check with server Script.@lindon and @Orange case is because they Both are using a Serila Number formula, that's why you see A Name like R2R makes a Keygen. Keygen technically Used for Formula Type Protections.
@hisefilo Products doesn't have any protection, That's why you see a Word After the title "Retail".
It means Someone purchased and Provided the Installers to the Public.
From where, Who is That Guy??? It is Clearly Remain Unknown.As @d-healey stated, It is better to have a Limitation on Dowbloads or you simply get Hijacked, and since this is a Pay per Download Plan you Get in trouble.
Best Copy Protection idea is to have Single Serial Number, It still Brekable, But since Crackers dont Publish Anything that can Put someone in Danger ( The owner of Serial number), so They Dont Publish Someone elses Serial Code (Which is Simply Trackable by Devs).
It takes more time to Patch the Dll files, and once you release an Update It needs another process to Do The Patch.For video stuffs it is better to Have a Closed and subscription plan, Or you simply get Hijacked at launch day.
-
@Natan Very nice. You cleared many confusion man. God bless Thank you :)
-
@DabDab God bless you man
Don't mind The Crackers,
Keep Up the good Work -
@Natan Hi mate! in your opinion. What's the strongest way to secure a server-check connection? How to avoid pirates to intercept or reproduce the server response?? SSL api call is enough?
-
@hisefilo Hey Mate
Actually I'm not a WebMaster,
From my experience They Make Emulators And It kinda Fakes The Connections, No matter What server, For example Ableton Use Same Server response Method, and R2R Made a Tool to Fake That.
I believe We can't do anything About it -
@Natan thanks! It's hard to believe a huge company as Ableton can't figure out how to avoid piracy
-
@hisefilo -- one approach I designed for a server check-in system included a challenge response , so the plugin has a set (of say 500) challenge/response pairs, so it sends the server its "is this registered?" type message along with one of the challenges, and gets back a yes/no and a response, if the message returned from the server is "this plugin is OK " then the plugin looks up the response to make sure its correct for the challenge it sent....
The idea being its pretty hard for the pirates to have a system that fakes the server AND fake the challenge/response when there are 500 different options it would need to cover......
-
@Lindon said in How to make Trial Plugins for 10 days:
The idea being its pretty hard for the pirates to have a system that fakes the server AND fake the challenge/response when there are 500 different options it would need to cover......
If they are able to find the flag in the binary they could just set it to 1 and bypass the server calling altogether. This is the problem with all solutions that don't use a dongle or a live connection.
-
@d-healey -- go read Urs Heckmans commentary(KVRAudio DSP forum) on how to build effective authorisation systems - he has a way around this issue.
-
@Lindon Interesting, I shall go and look it up
-
@d-healey - in the right thread now:
https://www.kvraudio.com/forum/viewtopic.php?f=33&t=523031&p=8235873&hilit=Urs#p8235873