Fileflare

Get it free

Documentation »

Prevent Download Sharing

Protect your digital products from unauthorized sharing with Fileflare’s security and access controls.

Beka Rice Avatar

Written by

Beka Rice

Last updated

Selling digital products means accepting a hard truth: you can’t 100% prevent file sharing. A determined buyer can always download a file and re-upload it elsewhere. What you can do is make sharing inconvenient enough that 95% of buyers don’t bother — and trace any leaks back to the person who shared. This is the full toolkit Fileflare gives you for that.

Available across all plans, with specific protections gated by tier. The methods below stack — combine three or four and you’ve got strong protection for most stores.

When you’d use this

  • You sell PDFs, ebooks, sheet music, courseware, or any content that’s easy to redistribute.
  • You’ve seen one of your products on a torrent or marketplace and want to harden the next sale.
  • You sell licensed content where attribution matters legally.
  • Your AOV is high enough that even small leakage is expensive.

Why this is hard

  • Re-upload is easy. Customers can download then re-upload to Drive or a torrent. Most protections work at the link level, not the file content.
  • License keys aren’t bulletproof. Software piracy has been a thing for decades — Adobe, Microsoft, every major company still gets pirated.
  • Passwords get shared. A PDF password just becomes one more thing the leaker tweets.

So the goal is friction + traceability, not perfection.

The toolkit

1. PDF stamping (best for PDFs)

Watermark every delivered PDF with the buyer’s name, email, and order number. If a stamped copy shows up online, you know exactly who leaked it. Combine with print/annotation locks so the stamp can’t be edited out. Set up PDF stamping.

Plan: Basic for a single template, Growth for multiple templates.

2. IP address limits

Cap the number of unique IPs that can access a download link. At 1, the link is single-device only — but that’s too tight for most cases (mobile + desktop = 2 IPs minimum). Recommended: 2 or 3.

Plan: Premium. Configure.

3. Download count limits

Cap how many times each link can be hit. 2 or 3 is usually right — accounts for failed downloads and people grabbing the file on multiple devices, but stops a leaked link from being used by hundreds of strangers.

Plan: Free and above.

4. Order expiration

Auto-expire download links after N days from the order date. Forces customers to grab the file in a window rather than coming back forever, and shrinks the leak surface.

Plan: Basic and above.

5. Login-required downloads

Require customers to log in to their Shopify account to access the download page. Tight binding between the link and a logged-in account makes casual sharing much less appealing — the recipient would also need login credentials. Set up login-required.

Plan: Premium.

6. Streaming-only mode

Hide the download button so customers can only stream files in-browser. Strong UI deterrent for video, audio, and PDFs. Note: it’s not DRM — a technical user can pull the stream URL from dev tools — but it’s a strong filter for casual buyers. Set up streaming-only.

Plan: Premium.

7. Customer-account-only delivery

Disable email download links and require customers to log into their Shopify account to download. Adds personal context — “this is in my account” — that discourages sharing.

Setup: enable customer account downloads, then disable Fileflare’s emails.

Plan: Premium.

8. Inform customers they’re being tracked

Add a note in the download email or download box that you log every download IP and will block accounts found sharing. The deterrent effect is real — and lets you act on patterns without surprise.

Customize the email template and the download box copy to add the warning.

Detect sharing after the fact

Every order’s Traffic section in Fileflare logs the IP and browser of every download. If you see an order with downloads coming from very different geographies, that’s a likely share. From there:

  • Block the order’s downloads immediately to stop further leakage.
  • Reach out to the customer if the leak looks accidental.
  • Use the stamped PDF (if applicable) to identify the buyer if you find a leaked copy on the open web.

If your file is already pirated

1. Contact the site owner

Try the site’s contact form first. If they don’t respond, check who.is for the registrant.

2. Contact the host

Look up the host via whoishostingthis.com and submit a copyright complaint. Shopify, Cloudflare, and AWS all process DMCA notices quickly.

3. Submit a DMCA complaint

Use Google’s free DMCA tool for indexed pages, or a paid service like DMCA.com for broader takedowns.

4. Trademark

If you have a registered trademark, threatening trademark violation tends to work very fast — large platforms don’t want to deal with trademark fights. Worth doing if your brand is your asset.

Common issues

  • I set the IP limit to 1 and customers can’t download — typical. Most customers want both phone and desktop, which is two IPs. Use 2 or 3.
  • I set the download limit to 1 and got a flood of support tickets — common. Mail-server bots and antivirus tools often pre-fetch links, consuming the customer’s limit. Use 2-3 minimum.
  • PDF stamping doesn’t apply — file must be under 100 MB, must be a real PDF (not encrypted, not password-locked), and Fileflare must host it (not via URL asset).
  • I can’t tell if a customer is sharing — open the order in Fileflare, scroll to Traffic, and look at the IPs/locations of each download. Geographic spread is the tell.

Keep learning

Reading mode