Setup and Configuration
- Go to: Store Settings > Settings > Products > Downloadable Products.
- Select a File Download Method from the dropdown.
- Force Downloads – File downloads are forced, using PHP. To ensure files are protected from direct linking, Force Downloads can be used. Files are served by PHP. However, if your files are large, or the server is underpowered, you may experience timeouts during download. In this case, you need to either look at your server or use the redirect method.
- X-Accel-Redirect/X-Sendfile – Downloads are handled by the server (nginx/apache). This method requires the X-Accel-Redirect/X-Sendfile module to be installed and enabled on the server. Confirm with your web host that one of these modules is installed before using this method. It’s the most reliable method because the file is served directly to the customer and gives you the best performance. Files are also protected by an
.htaccess file, making it secure.
- Redirect only (insecure) – When users download a file, their link redirects to the file. Using this method means your files will be unprotected and whoever has the upload link will be able to access the file, even when they are not logged in.
- If you have selected either Force Downloads or X-Accel-Redirect/X-Sendfile then you may also wish to enable the Allow using redirect mode (insecure) as a last resort setting. When enabled, if for any reason an individual file cannot be served via your preferred method then a redirect will be used instead. This comes with similar drawbacks to those noted above regarding Redirect only (insecure), but it can still be useful in situations where you host assets across a range of different platforms and where some of those are not suitable for your preferred method.
- Choose a level of Access Restriction.
- Tick the Downloads Require Login checkbox if you want users to be logged in to download files. Guest checkout would need to be disabled.
- Tick the Grant access to downloadable products after payment checkbox if you wish to grant access to files when orders are Processing, instead of Completed.
- Select Append a unique string to filename for security if you want to make sure that the security of your files is enhanced. It’s recommended to be turned on and will be turned on by default, but it’s not required if someone has properly configured their upload directory. No filename or links will be affected when you turn it on, only files uploaded when this setting is checked will have a unique string added to them. This is setting is fully backward compatible and can be turned off-on at whim without affecting any already generated file links.
- Save changes.
Protecting your uploads directory
By default, Ecomly introduces a
.htaccess file to protect your
wp-content/uploads/woocommerce_uploads directory, however, this doesn’t guarantee the protection of this directory, since everything depends on the configuration of the server.
Unique String after the Filename
WooCommerce appends a unique string to the filename of uploaded files to enhance security.
It is recommended to be turned on and will be turned on by default, but it’s not required if you have already properly configured your upload directory. No filename or links will be affected when you turn it on, only files uploaded when this setting is checked will have a unique string added to them.
This is setting is fully backward compatible and can be turned off-on at a whim without affecting any already generated file links.
You can access this setting by going to Store Settings> Settings > Products > Downloadable products.
Creating downloadable products
Downloadable Simple Products
To get started:
- Go to: Store Settings > Products > Add Product to add a new Simple product as outlined in Adding and Managing Products.
- Tick the Downloadable checkbox:
- After ticking this box, other options appear – Downloadable Files, Download Limit, Download Expiry.
- Select the Add file button, and then name the file. Enter the downloadable URL if it’s hosted elsewhere, or select the Choose file button to either insert an existing file from your Media Library or to Upload a new file. Upload the file and click Insert to set up each downloadable file URL.
- Enter “Download limit” (optional). Once a user hits this limit, they can no longer download the file.
- Enter “Download expiry” (optional). If you define a number of days, download links expire after that.
- Once you’ve completed this edit to the product, press Publish or Update as usual.
Options work the same as Simple Products: Set the file path, optionally choose a download limit and expiry, and save.
Combining Downloadable and Virtual products
If you tick the Downloadable checkboxes, products can have stock and are treated as physical products. This allows you to sell downloads and real products together.
If you want to add/sell a downloadable product that does not have a physical component, enable the Virtual option.
The ordering process for downloadable products is:
- The customer adds a downloadable product to their cart.
- The customer checks out and pays.
- After the payment, several things can happen depending on your setup:
- If items in the order are all downloadable + virtual, the order is completed.
- If items are physical and downloadable/virtual, the order is processing until you change it.
- Once complete, or if the option “Grant access to downloadable products after payment” is enabled, the customer can:
- Be granted download permission
- See download links on the order received page
- See download links in their email notification
- See download links on their ‘My Account’ page if logged in
Customers can then download files.
Managing Orders with Downloadable Line items
- Go to: WooCommerce > Orders and select the order to view or edit.
- Scroll down to the Downloadable Product Permissions meta box, which displays the download and how many times the customer had accessed it.
- Revoke access, grant access to new downloads, or exit order.