ThemeForest

Change for Authors Using FTP

doru
5320 posts
  • Community Superstar
  • Italy
  • Sold between 10 000 and 50 000 dollars
  • Has been a member for 4-5 years
  • Microlancer Beta Tester
  • Beta Tester
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
  • Exclusive Author
  • Author had a Free File of the Month
+2 more
doru says
billyf said
In that case, you should generate a new API key which is meant specifically for your FTP only ;)

any api keys will work with the ftp login.

but this debate is pointless

because it appears that

Carmen said
(currently it’s password OR API key).

didn’t knew that. :)

The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp. I’m not sure if you can access your files after you click the submit button in the upload form and you send them to the queue button. If you can’t access the files then I think the opportunity window is pretty small, but if you can do it, then someone could copy your files while they are in the review queue.

Till the staff will clarify this I think the best solution is to delete all API keys and generate a new one and then keep that to yourself. No third party should know the API keys.

EDIT:

done! api keys deleted and generate a new one. I should be fine now.

6 months ago via ThemeForest |
urbazon
1632 posts
  • Author had a File in an Envato Bundle
  • Author was Featured
  • Contributed a Blog Post
  • Exclusive Author
  • Has been a member for 3-4 years
  • Interviewed on the Envato Notes blog
  • Referred between 1 and 9 users
  • Serbia
  • Sold between 10 000 and 50 000 dollars
urbazon says
doru said
The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp.

The last time I checked, I wasn’t able to download anything from the ftp servers. I can only upload, but can’t download from there. I don’t know much about ftp, but I guess this was restricted on purpose for various reasons. Don’t know if it can be bypassed in any way… :/ Hope not :D

6 months ago via AudioJungle |
x4er0
129 posts
  • Microlancer Beta Tester
  • Europe
  • Sold between 5 000 and 10 000 dollars
  • Most Wanted Bounty Winner
  • Bought between 1 and 9 items
  • Exclusive Author
  • Has been a member for 2-3 years
  • Referred between 10 and 49 users
x4er0 says
jonathan01 said
At this time of the year may i suggest that a message is placed on authors dashboards or send out an email as many will not see this message and you will then receive a flood of posts no doubt in the new year asking why their FTP uploads are not working. Just a suggestion. +1 Jonathan
6 months ago via ThemeForest |
doru
5320 posts
  • Community Superstar
  • Italy
  • Sold between 10 000 and 50 000 dollars
  • Has been a member for 4-5 years
  • Microlancer Beta Tester
  • Beta Tester
  • Repeatedly Helped protect Envato Marketplaces against copyright violations
  • Exclusive Author
  • Author had a Free File of the Month
+2 more
doru says
urbazon said
doru said
The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp.
The last time I checked, I wasn’t able to download anything from the ftp servers. I can only upload, but can’t download from there. I don’t know much about ftp, but I guess this was restricted on purpose for various reasons. Don’t know if it can be bypassed in any way… :/ Hope not :D

well, never tried to download the items while uploading via ftp so probably you are right. :)

6 months ago via ThemeForest |
no-thumbnail
3 posts
  • Bought between 1 and 9 items
  • Has been a member for 0-1 years
CgBoutique says

Oh, that’s good info before i upload my first item ! :D

6 months ago via 3DOcean |
RafaelOliveira
RafaelOliveira Recent Posts
Threads Started
999 posts
  • Microlancer Beta Tester
  • Brazil
  • Exclusive Author
  • Sold between 10 000 and 50 000 dollars
  • Most Wanted Bounty Winner
  • Referred between 100 and 199 users
  • Bought between 1 and 9 items
  • Has been a member for 2-3 years
RafaelOliveira says
doru said
urbazon said
doru said
The only way that someone could profit from this, is that if he knows your api key then he can log in while you upload an item and download it from the ftp.
The last time I checked, I wasn’t able to download anything from the ftp servers. I can only upload, but can’t download from there. I don’t know much about ftp, but I guess this was restricted on purpose for various reasons. Don’t know if it can be bypassed in any way… :/ Hope not :D
well, never tried to download the items while uploading via ftp so probably you are right. :)

I had tried and it’s impossible :)

6 months ago via GraphicRiver |
rabidflash
121 posts
  • Author had a Free File of the Month
  • Bought between 10 and 49 items
  • Exclusive Author
  • Has been a member for 1-2 years
  • Referred between 10 and 49 users
  • Sold between 1 000 and 5 000 dollars
  • India
rabidflash says

like others said, this doesn’t make sense. Why opt for open APIs which authors use in many 3rd party apps instead of more secure and closed password? You may not able to download/ edit the files but you can delete the uploaded files. I’m not sure what exactly happens once the item’s been submitted- whether the files are moved to a different path or still accessed from the same path, but the change makes no sense.

6 months ago via CodeCanyon |
urbazon
1632 posts
  • Author had a File in an Envato Bundle
  • Author was Featured
  • Contributed a Blog Post
  • Exclusive Author
  • Has been a member for 3-4 years
  • Interviewed on the Envato Notes blog
  • Referred between 1 and 9 users
  • Serbia
  • Sold between 10 000 and 50 000 dollars
urbazon says
rabidflash said
like others said, this doesn’t make sense. Why opt for open APIs which authors use in many 3rd party apps instead of more secure and closed password? You may not able to download/ edit the files but you can delete the uploaded files. I’m not sure what exactly happens once the item’s been submitted- whether the files are moved to a different path or still accessed from the same path, but the change makes no sense.

Once you submit the uploaded files via forms on the website, they do get removed from your ftp folder (although it’s not the case on PhotoDune since recently, it must be some kind of a bug…?)

But yes, never thought of that – files can be deleted indeed :/

6 months ago via AudioJungle |
rabidflash
121 posts
  • Author had a Free File of the Month
  • Bought between 10 and 49 items
  • Exclusive Author
  • Has been a member for 1-2 years
  • Referred between 10 and 49 users
  • Sold between 1 000 and 5 000 dollars
  • India
rabidflash says

I’m almost certfiles from ftp don’t get deleted immediately after submitting them. They are deleted automatically after sometime even if you don’t submit them.

6 months ago via CodeCanyon |
Carmen
606 posts Senior Community Officer
  • Attended a Community Meetup
  • Australia
  • Bought between 10 and 49 items
  • Community Ambassador
  • Contributed a Blog Post
  • Envato Staff
  • Exclusive Author
  • Grew a moustache for the Envato Movember competition
  • Has been a member for 1-2 years
+3 more
Carmen staff says

Hi guys, I’ll get one of the devs to reply to you. :)

6 months ago via PhotoDune |

Search forums

Active threads

Introducing Recent Tweets Widget (API v1.1) 17 replies, last by Decneo 16 minutes ago
Share your Profile Image 305 replies, last by vektorisasi 17 minutes ago
Make Money link is not working 13 replies, last by EFEKT_Studio 2 hours ago
Dreaded stupid p tags in wordpress! 4 replies, last by PrimaThemes 2 hours ago
Offering free items in the top bar of theme preview now allowed? 1 replies, last by PrimaThemes 2 hours ago
Stylesheet is missing VS There is no documentation 33 replies, last by chrisakelley 2 hours ago
Dear Envato, fix your meta viewport tag 5 replies, last by GravityDept 3 hours ago
by
by
by
by
by