The privacy of information on your site is particularly necessary, particularly if you are in a retail operation. Your files may not seem as serious as spy documents, but they still need to be given equal care.

A typical setup is that you have one or more sales pages for your product and when a prospect clicks on an order link they are redirected to PayPal, 2CheckOut or some other payment processing service. This setup is good for several reasons, the most important being the fact that you avoid having to deal with credit card numbers and other sensitive customer information. So far in 2007 there have been published reports of more than 89 million identity records exposed from data breaches. See the Identity Theft Resource Center for some really scary reading. Leaving data theft worries to companies who specialize in handling financial information is a great strategy for most small businesses.

But you are not quite out of the woods yet. As a vendor of a digital "soft product" that can be bought and downloaded straight away, you have to guard against digital shoplifting. There's lots of ways that people in your position leave their website goods on display, unattended - leaving people to make off with them without paying, if they know how.

We present the three most frequently occurring mistakes:

1. Easy to guess filenames.

If you have named your electronic book 'AdWords Secrets', do not include either 'Adwords' or 'Secrets' in the name. The location www.example.com/AdWordsSecrets.pdf is the first thing a user might try to access your work.

You should add a version number or date into your filenames ex: AdWordsSecrets_v42.pdf, etc. This makes guessing the filename and the URL of the file more difficult.

2. Indexing the product itself or the download page is the function of search engines.

It can be very difficult these days to keep the content on your website secret, as search engines have become so adept at spidering content on the web. Even without a public link, a search engine may discover your secret product download page and index it. When this occurs, your product download page will be visible to anyone using that search engine, and they will be able to access your product for free.

Look up your site frequently to see what search engines are picking up about the site. With the larger search engines sites, you can look up by typing "operator yoursitename.com. This should give you a listing of all pages on your site that is indexed.

3. An inadequately constructed Robots.txt

robots.txt is a text file that you can place on your web server to guide search engines to what content they are allowed to index and what is off limits. While this may prevent most search engines from indexing your secret web pages, it opens up another vulnerability: any curious web surfer is able to view your robots.txt file. If the file explicitly forbids search engines from looking in the /downloads or /report directories, then it's very likely that's where the secret files are stored. With this knowledge the web surfer can more easily find your product and download it for free.

You need to strike the right balance between protecting certain files and directories in robots.txt while not revealing too much about the structure of your web site.

Digital products are a great item to sell online. Be sure that you are getting paid for the items you have put the time into creating by using the guidelines listed above. These will help you be successful.

Nick Dalton's blog is http://www.TipsTricksToolsTechniques.com/ where he regularly shares tips on Internet security. Also worth checking out is his latest report called The Digital Security Report it has essential advice for Internet business owners selling products online.