Membership Management Service Overview


Overview

Our Membership Management services provide your site with reliable password-for-payment protection. Upon successful payment, the system instantly enables each customer to access the restricted members areas of your site. This service has many features, including:

  • Time Based Rebilling:
    Our membership management services provide the merchants with the ability to recur bill customers on their anniversary date.

  • Look Ahead feature:
    This allows us to reliably retry failed recur billed members over a period of a few days prior to, during or after their anniversary date.

  • Membership Administration:
    An easy to use administration interface is provided to all merchants using the membership management services. It provides the following features:

    - Edit specific members’ profiles
    - Search the member’s database for specific criteria matching your specifications
    - Add a fraudulent credit card to our master database
    - Manually add new memberships
    - Manually synchronize the local & master database files
    - Export a copy of your membership database with only the fields you have selected
    - Graphically view membership activity & recur billed members over daily & monthly intervals
    - View billing histories of members
    - Automated merchant side subscription plan changes via flat file or online wizard
    - Membership Join web page development wizard
    - Automated IP/Domain Block feature (for Bandwidth Sentinel 2.x users only)

  • Website Attendant:
    These free optional features allow members to:

    - Retrieve a lost password
    - Cancel their membership
    - Edit their account information (including updating password)
    - Renew a canceled account subscription (real-time & time delay renewal methods available)

  • Automated Join Process:
    This process allows a customer to:

    - Select the type of membership subscription he/she desires from your list of available plans
    - Personalize their username & password
    - Pay securely on-line using our multiple methods of payment (Credit Cards, Checks, Web900)
    - Gain instant access to the member’s area upon successful payment.

Operating Systems

Our membership management services are available for the Windows & Unix/Linux server platforms. We are able to work with many server configurations other than our recommended requirements. If you have a special setup or request, please speak with one of our technical support personnel to see if we can provide this service to you.

Recommended System Requirements:

Windows Server Platform:

  • Perl 5.x or better (with the ability to call Perl PL scripts from the web)

  • Remote Desktop Access (MS Remote Desktop, pcAnywhere, VNC, or Authentix Browser Based Remote Administration)
    [Remote desktop access can be turned off after the setup is complete.]

Either
- Authentix 100 or better [This can be obtained at "http://www.flicks.com"]
- DAFWEB version 3.5 or better [This can be obtained at "http://www.dafweb.com"]
* Additional licensing & account setup fees may be incurred for Authentix & DAFWEB users.

* Please Note:
- 1 remote desktop super user account will be required.
- 1 Authentix/DAFWEB license will be required per web site being setup on the server

** For Windows servers running Apache web serving software, Authentix/DAFWEB will not be required. Please let us know this prior to your setup and Authentix/DAFWEB license purchase.

Unix/Linux Platform:

  • Perl 5.x or better (with the ability to call Perl CGI scripts from the web)

  • Ability to use .htaccess security

  • Telnet/SSH shell access may be required

* Please Note: Telnet or SSH access may be required for some types of Unix/Linux setups. It is recommended that your company obtain one of these shell connections for your site if it is hosted on a Unix/Linux server.

Unix/Linux membership management accounts with group support must meet the following criteria for us to set up an account that handles groups correctly.

  • Perl 5.x or better (with the ability to call Perl CGI scripts from the web)

  • Ability to use .htaccess security

  • Text, DBM (Database Management) or Berkeley Binary Database support

  • Telnet/SSH shell access may be required

Bandwidth Sentinel

Bandwidth Sentinel is a program written in Perl, designed to provide several security enhancements to our Membership Management services. It monitors IP address usage, bandwidth usage & the number of images downloaded, as well as other login information. Sentinel monitors and reports excessive 401 errors (login failures), noting the IP address or domain name they come from. Should a member’s username & password become published, Sentinel will remove the offending username from the active password list and either totally remove the offending account or change its password. Sentinel monitors for excessive activity & usage around the clock to protect your site from bulk theft of your intellectual property. At this time, the Bandwidth Sentinel’s protection is only available to the UNIX/Linux server platform.

Sentinel, by default, is set to run every hour, but can be adjusted to suit your web site’s needs. When it runs, sentinel tracks each user’s IP addresses, images downloaded & how much bandwidth each member uses within the members area. If a member exceeds the limits that are set in the sentinel program, sentinel does the following:

  • It removes the offending username & password

  • It changes the customer’s password

  • It emails the customer their new username & password

  • It then puts the new password into your database so the customer can have access with the new username & password.

This is allowed to happen up to 5 times. On the 6th time, the customer is removed from the system and will not be allowed access to the member’s site, due to excessive account usage.

A total kill mode is available for sites with excessive hacked, stolen &/or shared passwords. This mode will simply remove the offending password from the database, due to excessive account usage. No new password is issued.

Every time Sentinel is run, it produces a report showing the activity of the top usernames over that time period. Included in the report are detailed accounts of each member’s usage statistics, Sentinel’s set limits and a listing of usernames or IPs which exceeded the programmed limits.
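The hourly pass and the escalation rule described above, sketched in Python as an added example (not Sentinel's own code, which is written in Perl). The limit values, the function names and the sample log lines are assumptions; it covers failed logins, IP count and bandwidth, and leaves out image counting.

```python
import re
from collections import defaultdict

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ (\S+) \[[^\]]+\] "[^"]*" (\d{3}) (\d+|-)')
# Assumed limits for illustration; the page does not give Sentinel's values.
LIMITS = {"fails_per_ip": 5, "ips_per_user": 3, "bytes_per_user": 50_000_000}
MAX_RESETS = 5  # from the page: up to 5 password resets, removal on the 6th

# Constructed sample log lines (documentation-range IPs, made-up usernames).
SAMPLE = (
    ['203.0.113.9 - guess%d [10/Oct/2005:13:55:%02d -0700] '
     '"GET /members/ HTTP/1.0" 401 401' % (i, i) for i in range(6)]
    + ['192.0.2.%d - alice [10/Oct/2005:14:00:00 -0700] '
       '"GET /members/a.jpg HTTP/1.0" 200 2048' % i for i in range(1, 5)]
    + ['198.51.100.7 - bob [10/Oct/2005:14:05:00 -0700] '
       '"GET /members/b.jpg HTTP/1.0" 200 4096']
)

def scan(lines, limits=LIMITS):
    """Return (ips_to_block, {user: reasons}) for one run's log lines."""
    fails = defaultdict(int)       # 401 responses per client address
    user_ips = defaultdict(set)    # distinct addresses per logged-in user
    user_bytes = defaultdict(int)  # bytes served per logged-in user
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # ignore lines that are not in Common Log Format
        host, user, status, size = m.groups()
        if status == "401":
            fails[host] += 1
        elif user != "-" and status.startswith("2"):
            user_ips[user].add(host)
            user_bytes[user] += 0 if size == "-" else int(size)
    blocked = sorted(ip for ip, n in fails.items() if n > limits["fails_per_ip"])
    over = {}
    for user, ips in user_ips.items():
        reasons = []
        if len(ips) > limits["ips_per_user"]:
            reasons.append("ip_count")
        if user_bytes[user] > limits["bytes_per_user"]:
            reasons.append("bandwidth")
        if reasons:
            over[user] = reasons
    return blocked, over

def enforce(user, strikes, total_kill=False):
    """Pick the action for an over-limit user; strikes counts prior resets."""
    if total_kill or strikes.get(user, 0) >= MAX_RESETS:
        return "remove"  # 6th offence, or total kill mode: no new password
    strikes[user] = strikes.get(user, 0) + 1
    return "reset_password"  # new password issued and emailed to the customer
```

Keeping the strike counts between runs is what turns a one-off reset into the removal on the 6th offence, so they have to be stored somewhere that survives each scheduled run.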

You can use the reports for the following:

  • Keep statistical information on what your members are doing

  • See when your site is most active

  • See who was removed from the system and the reason why it happened

  • To check for initial signs of stolen/shared usernames & passwords.

  • To use as proof of the reason why a customer was removed for abuse of the membership area.

  • Detect brute force & dictionary attacks, noting & logging the offender’s IP address.

Our Bandwidth Sentinel also contains other extra security refinements. Sentinel even takes security to the next level by detecting hack attempts from dictionary & brute force programs. We block the sites & users which attempt to gain access to your member’s area and are able to permanently lock them out even before they break through your firewall. A cleaner, more detailed report interface makes keeping track of your Sentinel reports easy. Sentinel even allows for more control over how many Sentinel reports are received each day, while not decreasing your site’s security. A new modular interface makes upgrading to new versions easy, fast & efficient. A merchant side interface was added to allow merchants to manually block or remove IP addresses & domain names, to better service their customers. Nslookups can be generated on the blocked IP addresses list to better show where hacks & abuse are originating.

System Requirements:

  • Perl 5.x or better

  • Access to the site’s Access or Transfer Log

  • Telnet or Shell access

  • Crontab service (required to run sentinel on a periodic basis)

* Please Note: Sentinel is only available for Unix/Linux hosted sites. Windows hosted sites use other means to monitor username/password abuse.

The Setup Process

The membership management process is pretty straightforward. A typical Unix/Linux setup would go as follows:

  1. The merchant signs up for the service & receives a questionnaire.

  2. The merchant would fill out the questionnaire.

  3. One of our support personnel would verify the information received is correct.

  4. If something is wrong, we will contact the merchant to obtain the correct information.

  5. Once all information has been verified, our membership management specialist would create the master database & necessary files on our server.

  6. We would then FTP into the client’s web site.

  7. Our personnel would create a secure database directory above the public web files & proceed to FTP several files into that directory. These files become the site’s local password database.

  8. We then proceed to FTP a few more files into the site’s cgi-bin. These files are used to interface our server to your local database.

  9. Lastly we create & upload the .htaccess security file & test web page to your members web directory.

  10. We verify the setup and make any necessary changes to the files on your web site & to our server.

  11. Upon successful setup, the merchant is emailed a notification of setup completion & other vital information pertaining to their setup.

  12. The merchant would proceed to setup the necessary web pages on their web site to complete the setup process.

A typical Windows setup would go as follows:

  1. The merchant signs up for the service & receives a questionnaire.

  2. The merchant would fill out the questionnaire.

  3. One of our support personnel would verify the information received is correct.

  4. We will contact the merchant to make sure the required software has been setup and configured. This mostly pertains to turning on remote desktop access & making sure the Authentix/DAFWEB software has been installed.

  5. If something is wrong, we will contact the merchant.

  6. Once all information has been verified & the software is in place, our membership management specialists would create the master database & necessary files on our server.

  7. We would then FTP & pcAnywhere into the client’s server.

  8. Our personnel would create a secure database directory above the public web files & proceed to FTP several files into that directory. These files become the site’s local password database.

  9. We then proceed to FTP a few more files into the site’s cgi-bin. These files are used to interface our server to your local database.

  10. Lastly we modify the Authentix/DAFWEB software & server’s configuration to match our specifications & requirements.

  11. We verify the setup and make any necessary changes to the files on your web site & to our server.

  12. Upon successful setup, the merchant is emailed a notification of setup completion & other vital information pertaining to their setup.

  13. The merchant would proceed to setup the necessary web pages on their web site to complete the setup process.

  14. At this time the merchant may shut off the remote desktop access if they feel inclined to do so. We only require remote desktop access during setup or repair processes.

Membership Management With Group Support

The membership management service by default is designed to allow the customer to order one of several membership plans offered to access a singular members area on the merchant’s web site. As needed, we can reconfigure a standard membership management account to handle groups. This allows the merchant to offer several separate membership plans & areas. Additional setup & account conversion fees may be incurred.

As an example, a merchant may wish to offer separate members areas for different services such as silver, gold, and platinum. Each of these areas would be protected via standard username/password authorization. After signing up for a plan, the customer would only have access to the member’s area of the group they signed up for. If a customer signed up for the silver plan, the customer would only be able to access the silver members area. He or she would be blocked from entering the gold and platinum members areas.

Membership plans can also be setup to contain multiple groups. This can be used if the merchant wants their customers who join let’s say a gold plan to have access to the gold & silver members areas on the site.

Group supported membership setups can also protect the membership areas of several sites located on the same server. This allows for the greatest flexibility of the membership service while keeping a singular membership password database, which in turn allows for easier & faster administration of your membership data & passwords.

Once an account is converted to handle groups, membership plans will contain the following data for each plan offered:

  • Initial price

  • Initial duration (X months &/or X Days)

  • The group or groups the plan will belong to (For Example: silver, gold, platinum, etc.)

If the plan is to be recur billed, it will further specify:

  • Recurring price

  • Recurring duration (X Months)

Our membership management service uses .htaccess or Authentix password security to protect & verify logins to the member’s area. A membership management account with group support can use flat file databases, DBM (database management), Berkeley Binary database services or SQL databases to store the usernames & passwords, as well as to specify which group(s) the users belong to. This allows for maximum compatibility with servers of varying configurations.

Using the above example, a grouped membership management account could be structured like this:

http://www.thedomain.com/
-- Publicly Viewable Material (everyone can view this material)

http://www.thedomain.com/members/
-- General Members Only Area (all valid members see this material)

http://www.thedomain.com/members/silver/
-- Silver Group Members Only (only valid members belonging to the silver group can see this material)

http://www.thedomain.com/members/gold/
-- Gold Group Members Only (only valid members belonging to the gold group can see this material)

http://www.thedomain.com/members/platinum/
-- Platinum Group Members Only (only valid members belonging to the platinum group can see this material)

When a user attempts to access a grouped area, they are prompted for the username & password for the grouped area. If the customer enters a valid username & password for the grouped area, they are allowed in; if not, they are kept out.
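The access decision for the layout above, modelled in Python as an added example (not the service's own code; on a real server the web server's .htaccess or Authentix handling makes this decision). The usernames, the group file contents and the function names are assumptions; "gina" stands for a customer on a gold plan that carries both the gold & silver groups.

```python
import posixpath

# Constructed sample data in a flat "group: user user ..." layout.
GROUP_FILE = """\
silver: sam gina
gold: gina
platinum: pat
"""
VALID_USERS = {"sam", "gina", "pat", "val"}  # constructed password database

# Area -> required group (None means any valid member), as in the page's layout.
AREAS = {
    "/members": None,
    "/members/silver": "silver",
    "/members/gold": "gold",
    "/members/platinum": "platinum",
}

def parse_groups(text):
    """Parse 'group: user user' lines into {group: set(users)}."""
    groups = {}
    for line in text.splitlines():
        name, sep, members = line.partition(":")
        if sep and name.strip():
            groups[name.strip()] = set(members.split())
    return groups

def required_group(path):
    """Return (protected, group) for the most specific area containing path."""
    # Normalise first so '..' segments cannot select the wrong area.
    clean = posixpath.normpath("/" + path.lstrip("/"))
    best = None
    for area in AREAS:
        if clean == area or clean.startswith(area + "/"):
            if best is None or len(area) > len(best):
                best = area
    return (False, None) if best is None else (True, AREAS[best])

def can_access(user, path, groups, valid_users=VALID_USERS):
    """True if user (None for an anonymous visitor) may view path."""
    protected, group = required_group(path)
    if not protected:
        return True   # publicly viewable material
    if user not in valid_users:
        return False  # no valid login: kept out of every members area
    return group is None or user in groups.get(group, set())
```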

Other layout configurations are available; please see your sales rep for details.

Required Setup Information

When a company has obtained their account & the proper access with their hosting company, we will require the following information:

Merchant Username:

The server’s operating system & web serving software information will be required so we know which type of setup to use (Windows NT/2000/XP, Unix, Linux, Cobalt, etc.). This information also informs us of special modifications required to comply with the web server & operating system.

Operating System:
Operating System Version:

Web Server Software:
Web Server Software Version:

FTP access is required so we can upload the necessary files to setup the account. After the setup is complete, we use the FTP access to upload updated database information to the account.

FTP Host Name/Address:
FTP Username:
FTP Password:

The absolute path information is used when creating an account. This tells us where to find the necessary directories and files required for the setup. We also use the information to configure our scripts to point to the correct areas of the server when performing certain system functions.

Absolute path to Perl:
(Examples: Windows -> c:\perl522\bin\perl , UNIX -> /usr/bin/perl )

Absolute path to your cgi-bin:
(Examples: Windows -> c:\websites\mysite\cgi-bin , UNIX -> /usr/local/apache/cgi-bin )

Absolute path to your HTML root directory:
(Examples: Windows -> c:\websites\mysite\ , UNIX -> /usr/local/apache/httpd )

Members Area URL:
(Example: http://www.yourdomain.com/members )

Absolute path to your Members root directory:
(Example: Windows -> c:\websites\mysite\members\ , Unix -> /usr/abc/web/members )

* Note: Up to 5 grouped member areas can be created at the time of setup of this service. We will require the Members Area URL & absolute path to that members area root directory for each group wanted.

For Windows servers, please include the following:

Remote desktop access is required so we can log in to your server and make necessary modifications to the membership management files and software (Authentix/DAFWEB). Due to restrictions of the server, some of these changes cannot be made via FTP. For security, remote desktop access can be turned off or disabled whenever maintenance or repairs are not being performed.

Do you have Authentix installed? Yes or No
If No, will you allow us to install it? Yes or No

If you answered Yes to one of the above questions, please fill in the below information.

The following is needed to setup/configure Authentix on your server.

Server Desktop Access:
-- No Server Desktop Access [You Configure Authentix Yourself]
-- MS Remote Desktop
-- pcAnywhere
-- VNC
-- Authentix Browser Based Remote Admin

Desktop Host:
Desktop Username:
Desktop Password:

For Unix/Linux servers, to setup the optional Bandwidth Sentinel, please include the following:

Shell Access:
-- SSH
-- Telnet
-- No Shell Access [No Bandwidth Sentinel]

SSH/Telnet Host:
SSH/Telnet Username:
SSH/Telnet Password: