🚀 Ignite your growth: Discover 30+ new tools to get ahead in our new Ecwid Igniter. Learn more →
Everything you need to sell online

Set up an online store in minutes to sell on a website, social media, or marketplaces.

How to Protect Your Digital Goods From Piracy

How to Protect Your Digital Goods From Piracy

18 min read

When you’re selling digital products, you benefit from the absence of inventory and shipping, but you get piracy as a constant threat instead. It is remarkably easy for someone to steal your intellectual property — music, designs, eBooks, software — and distribute it under their own name.

The numbers associated with piracy are staggering. Microsoft estimates that piracy costs the software industry $491B each year. Another estimate pegs the loss between $200 to $250B within the US alone.

Regardless of the numbers, one thing is clear: theft can be a serious problem when you’re selling digital products.

Fortunately, there are some ways you can make theft much, much harder. We’ll show you how to protect your digital products in this article.

How to sell online
Tips from e-commerce experts for small business owners and aspiring entrepreneurs.
Please enter a valid email address

Rethink Digital Protection

Before we dive into the details of digital protection, it’s important that you view it with the right frame of mind.

Simply put, there is no such thing as 100% foolproof protection when it comes to digital goods. Thousands of business around the world have been trying to solve this problem, including massive software companies like Microsoft, and they haven’t fully succeeded.

The reality of the internet is that if there is sufficient demand for a product, someone somewhere will figure out a way to access it for free.

This doesn’t mean that you shouldn’t invest in piracy protection at all. Instead, it means that you need to view digital products through a different lens.

Keep two things in mind:

  • The harder a product is to steal, the less motivated people will be to steal it.
  • If it is substantially easier to buy the product than to steal it, more people will be willing to pay.

The second point is particularly important and is the reason behind the success of sites like Spotify. By making it much easier to stream music legally, Spotify removed the motivation to pirate music. Little wonder that Spotify made over $2B last year.

So whatever protection tactics you choose, make sure that your product is a) harder to steal, and b) easier to buy.

This might mean changing your distribution tactic. For instance, instead of creating software and selling it via downloads, try turning it into a subscription model where customers pay a fixed fee to access the product each month (i.e. SaaS).

By making access easier, you will encourage more legitimate buyers and discourage theft.

Tactics to Protect Digital Products

Not every tactic to protect digital products will work equally well. Below, we’ve shared a few tactics as well as their quality of protection offered, and what kind of product they work best for.

1. Copyright Your Product

Getting a copyright will not prevent theft, but it will make it easier to seek redressal in case someone steals your product. This essentially notes that you are the rightful owner of a specific piece of intellectual property (IP), and thus, can take someone to court for violating the copyright.

Since copyrighting is a legal matter that varies from country to country, we recommend that you consult a local lawyer who specializes in copyright law. If you’re in the US, you can consult the Copyright Office as well.

Do keep in mind the following points before you think of getting a copyright:

  • Copyrights are not universal — a copyright in the US will not protect you from theft and distribution in China.
  • Not every product can be copyrighted. In the US, for instance, titles, names, phrases, slogans, ideas, etc. cannot be placed under copyright. Literary works (including unique content), unique designs, software, etc. can be. Check your country’s laws before you proceed.
  • Any unique you publish online is automatically placed under copyright as per the DMCA, even if it doesn’t have the copyright symbol (©).

Getting a copyright is not always necessary. In many cases, it might even be wasteful, especially if you’re producing a lot of unique IP rapidly. If you’re publishing online, you might be already protected under DMCA.

Nevertheless, explore this as an option if you’re spending a lot of resources to create unique IP.

Also listen to

2. Hide Your Product from Prying Eyes

Making the product hard to find for search engines and spies should be the first step in your digital protection plan. After all, if they can’t find it, they can’t easily steal it.

If you sell digital goods with Ecwid, you don’t have to take the three steps below. Simply upload digital products to your store — Ecwid will generate links for download after each purchase and won’t pass them to search engines.

There are a lot of ways you can hide your outside-of-Ecwid digital files, though.

A. Place your product inside a Zip file

If you’re selling documents (such as an eBook) in a PDF file, search engines can easily read the file and make it visible in search results. Anyone can then use the “filetype” operator in Google to find these documents on your site.

PDF files in Google search results

An easy way to workaround this problem is to place the PDF in an archive (.zip or .rar file). Search engines cannot read these files, so your data can remain safe.

B. Hide open directories on your site

If you’re storing your files in a separate directory on your site (such as “yoursite.com/downloads”), people can view its contents by directly accessing it in their browsers.

An easy way to hide open directories is to create a .htaccess file in your site’s root folder. In the .htaccess file, add the following:

Options — Indexes

Now whenever someone tries to access open directories on your site, they’ll see a “403 Forbidden” error like this:

‘403 Forbidden” error example

C. Stop search engines from indexing your pages

Search engines send out millions of pieces of code called “search engine spiders” or “bots” to index billions of pages every day, a process called “crawling”.

These spiders will crawl every single page on your site unless specifically told not to. If you have a page that lists all your protected files, the spider might crawl it as well and make it visible in search results.

You can stop spiders from crawling specific pages on your site by creating a “Robots.txt” file. This is a simple text document that regulates bot behavior. You have to place it in the root directory of your site.

To block access to a folder, add the following code to the Robots.txt file:

User-agent: *
Disallow: /your-folder-name/
Disallow: /path/to/your/second-folder/

This code basically instructs all bots (“user agents”) to not index your folder.

3. Place Downloads Behind a Login

One of the easiest ways to deter unauthorized access to your products is to place the product behind a login.

This simply means that instead of a download link, the customer gets a username and password post-purchase. The customer can use this to log in to the site and access their downloads.

While this won’t stop a paying customer from copying and distributing the files, it does offer a few benefits:

  • It makes it harder for someone to access the files, which can deter pirates.
  • It makes it easy to track downloads via usage logs and figure out if someone is stealing content.
  • You can disable access to suspicious customers remotely.
  • It prevents search engines from indexing the content.

There are plenty of ways to place files behind a login. Check out Memberful, aMember, Member Press, WishList Members, SilkStart (free) and MemberPlanet.

4. Limit Access to Downloads

How do you prevent a paying customer from sharing his download link with others?

Simple: by limiting access to the downloads.

This is a tried and tested technique to limit downloads to legitimate customers. Basically, this involves placing a time or quantity-based limit on the total number of downloads. After the limit expires, the customer can’t use the download link anymore.

If you’re using Ecwid to sell your digital goods, you can easily limit access by going to Settings → Cart page → E-goods.

Here, you can limit downloads by:

  • Total number of downloads
  • Time-bound validity of the download link.

For instance, you can keep the download limit to “3”. This means that the download link you send to a customer upon payment will expire after 3 downloads.

You can also set the download link to expire after a fixed amount of time (say, 72 hours). If the customer tries to access the download after this period, they’ll get an error message.

This tactic works because it makes sharing a download link unfeasible. Customers who can only download a product 3 times won’t feel motivated enough to share this link with others.

You can further increase protection by changing the names of files and folders periodically. Once you’ve changed the names, people who already have access to the download link won’t be able to find the files (while legit customers can still access it).

If you’re taking this route, choose file names that are hard to guess, like “y12xq.pdf” instead of “file.pdf”.

5. Create Product Licenses

Another tactic to prevent theft is to create unique licenses for each product copy. To access the product, the customer has to enter the license key.

This is how most software companies protect their products. If you’ve ever entered a long alphanumeric key before installing a software, you’re already familiar with this concept.

Some of the benefits of using this tactic are:

  • Strong protection: License keys can be notoriously hard to crack. The quality of protection offered by this technique can be classified as “strong”.
  • Remote locking: If someone asks for a refund or engages in suspicious activity, you can disable the license. This would not only prevent future downloads but also invalidate any existing copy of the product.
  • Prevents redistribution: Pirates can’t rename the file or copy its contents since each copy is tied to its own unique key.
  • Prevent reprinting: In the case of eBooks, you can use your licensing software to disable print functionality or to make sure that the license gets printed along with the rest of the book. This can prevent people from printing copies and redistributing them physically.
  • Download monitoring: You can check whether someone has already downloaded and accessed the file using the license key. This can prevent people from claiming that they haven’t received the file.

Creating product licenses can make accessing the file harder for customers, but it also offers significantly advanced protection. This is a tradeoff you’ll have to consider making if you want better protection.

There are plenty of ways to create product licenses. If you’re using a tool like InfusionSoft to create and deliver products in the sales funnel, you can create license keys right within the software.

For other solutions, consider BinPress (for code), File Secure Pro (for most files), Book Guard Pro (for PDFs), and Easy Digital Downloads (any file).

6. Monitor the Web for Stolen Products

Last, but not the least, make sure that you keep a close watch on the web for any stolen versions of your product. This way, you’ll at least know if someone is distributing your products legally.

The easiest way to do this is to create a Google Alert for your product name. Just enter the name of your product and change the settings to give you an update anytime someone mentions your product.

Google Alerts

Keep in mind that your product won’t always be redistributed under its original name. Make sure to add possible variations such as alternative product names, your website name, your own name, etc. while monitoring.

If you’re publishing content online, you can also use Copyscape to detect plagiarism and send you automatic alerts for content theft.

What to Do in Case of Theft

Even if you take all the preventive measures above, you might still see your content stolen and redistributed online.

If this happens, there are a few things you can do to protect yourself:

1. Contact the offending site

Before you take the legal route, it’s always a good idea to contact the site hosting your stolen contact and ask them to take it down. You’ll find that most sites will happily comply.

Start by finding the site’s contact information. Most websites will have a contact form. If you can’t find this information, get contact data from the site’s WHOIS records. Go to a WHOIS tool like Who.is or Whois.sc, then enter the site’s domain name.

You should see the domain registrant’s email and phone number, like this (provided the registration isn’t set to “private”):

WHOIS records example

Once you find the email address, send an email requesting removal.

In case you can’t find the contact information, or if the site refuses to comply, send a removal request to the website’s host. Go to WhoIsHostingThis.com and enter the site’s domain name into the search box.

In the right pane, you will see the name of the host.


Contact the host and let them know about the stolen content as well as the proof showing that you are the owner. Most hosts will happily remove the content if you can offer sufficient proof.

2. Submit a DMCA Complaint

As we mentioned earlier, any content you create and publish online is automatically protected under DMCA. In the case of theft, you can submit a DMCA complaint and get a site owner to remove the offending complaint.

You will, of course, have to first prove that you are the actual owner/creator of the content. Creation logs, publishing dates, etc. come into the picture here.

You can submit a DMCA complaint through DMCA.com. Follow the instructions here. Keep in mind that this is a paid service.

For a free alternative, use Google’s DMCA tool to create a new “notice”, then follow the instructions on-screen.

3. Take the Legal Route

If the above two tactics fail, you will have to take the legal route, such as sending a Cease & Desist notice through your lawyer or even filing a case of copyright infringement.

Since the legal option can be lengthy and expensive, it should be your last resort.

We highly recommend consulting a lawyer if you are considering using this option.

Learn more: 25 Places to Find Low-Cost Legal Advice for Your Business


Content theft and piracy can not only hurt your revenues but also your reputation. Anyone selling digital products should have the necessary measures in place to prevent theft.

What anti-piracy measures you choose will depend on the kind of product you’re selling and the level of protection you require. As a bare minimum, hide your product from prying eyes and secure the download area. For further protection, create a password protected download section or create license keys for every copy of your product.

In case someone does manage to steal your content, contact the site’s host to remove the content. If that doesn’t work, submit a DMCA takedown request.

If you also want to sell downloadable items, you can add a digital product to your Ecwid store. Here’s how it works: you upload a file when creating a product page, and it will be delivered to customers automatically via unique download links after they make a purchase.

What digital downloads do you sell (or plan to) in your store? Do you have any other digital product ideas?


Table of contents

Sell online

With Ecwid Ecommerce, you can easily sell anywhere, to anyone — across the internet and around the world.

About the author

Jesse is the Marketing Manager at Ecwid and has been in e-commerce and internet marketing since 2006. He has experience with PPC, SEO, conversion optimization and loves to work with entrepreneurs to make their dreams a reality.

Ecommerce that has your back

So simple to use – even my most technophobic clients can manage. Easy to install, quick to set up. Light years ahead of other shop plugins.
I’m so impressed I’ve recommended it to my website clients and am now using it for my own store along with four others for which I webmaster. Beautiful coding, excellent top-notch support, great documentation, fantastic how-to videos. Thank you so much Ecwid, you rock!
I’ve used Ecwid and I love the platform itself. Everything is so simplified it’s insane. I love how you have different options to choose shipping carriers, to be able to put in so many different variants. It’s a pretty open e-commerce gateway.
Easy to use, affordable (and a free option if starting off). Looks professional, many templates to select from. The App is my favorite feature as I can manage my store right from my phone. Highly recommended 👌👍
I like that Ecwid was easy to start and to use. Even for a person like me, without any technical background. Very well written help articles. And the support team is the best for my opinion.
For everything it has to offer, ECWID is incredibly easy to set up. Highly recommend! I did a lot of research and tried about 3 other competitors. Just try ECWID and you'll be online in no time.

Your ecommerce dreams start here

By clicking “Accept All Cookies”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts.
Your Privacy

When you visit any website, it may store or retrieve information on your browser, mostly in the form of cookies. This information might be about you, your preferences or your device and is mostly used to make the site work as you expect it to. The information does not usually directly identify you, but it can give you a more personalized web experience. Because we respect your right to privacy, you can choose not to allow some types of cookies. Click on the different category headings to find out more and change our default settings. However, blocking some types of cookies may impact your experience of the site and the services we are able to offer. More information

More information

Strictly Necessary Cookies (Always active)
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not then work. These cookies do not store any personally identifiable information.
Targeting Cookies
These cookies may be set through our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant adverts on other sites. They do not store directly personal information, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies, you will experience less targeted advertising.
Functional Cookies
These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by third-party providers whose services we have added to our pages. If you do not allow these cookies then some or all of these services may not function properly.
Performance Cookies
These cookies allow us to count visits and traffic sources, so we can measure and improve the performance of our site. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies, we will not know when you have visited our site.