Is there a way to make my code secure?

matt_h76 · 02-04-2005, 09:44 AM

Hi

I'm not sure if this is possible. Is there a way to prevent users seeing your website source code? I have implemented a "no-right click" function as follows:
function rightclick(){
if(event.button==2){warning()
alert("All images on this website are owned by ------")
;}
}document.onmousedown=rightclick// --]

function warning(){
}

This prevents users right clicking and selecting "View Source". However code can still be viewed quite easily by going to "View" in the top menu and then selecting "Source". Is there a way to prevent this? Alternatively is there a way to password protect my web pages/files (which are mostly in HTML and some PHP), as can be done with Excel spreadsheets?

Thank you for any help.

Matt

**Fox** · 02-04-2005, 10:16 AM

The PHP itself is usually safe from view source unless you forgot to install PHP on your server and just type in the file name from a browser (which is what I did before I learned that PHP requres a serverside interpreter)

I hate to say this, but there's a way around everything. Image protection? The most determined will just use the printscreen key and paste it into paint. If it's too big, they'll take the shots separately and piece them together.

As a rule, if the computer can see it, the user can see it.

As for password protection... I'm not exactly sure what you are referring to- on the internet or on your local machine? I don't think there's a way to password protect the file itself unless you put it in an archive (.zip, .rar, or one of the other ones) or inside a password protected directory (which can only be done on a NT, W2k, or XP machine under NTFS.

greyknight17 · 02-05-2005, 09:51 AM

I use a program that will encode your source file and even password protect it. This is a great piece of software but like Fox said, nothing is perfect/secure (especially once it goes online).

Do a Google search for HTML Cipher. I hope you like it as much as I do. Very easy to use.

jackel · 02-05-2005, 02:27 PM

there isn't really any way you can 100% secure html.

With asp and php it's server side so all you coding is done on the server and just displays the results.

Why do you need to hide your code anyway, is there any real need for it?

Theres about 6 ways i can think of to try and hide your script with javascripts but theres always someone that can get around it.

www.hotscripts.com

go to that site and look around it'll have some scripts

02-04-2005, 09:44 AM	#1 (permalink)
matt_h76 Member Join Date: Sep 2004 Location: West Sussex UK Posts: 21 OS: XP Pro / 2000	Is there a way to make my code secure? Hi I'm not sure if this is possible. Is there a way to prevent users seeing your website source code? I have implemented a "no-right click" function as follows: function rightclick(){ if(event.button==2){warning() alert("All images on this website are owned by ------") ;} }document.onmousedown=rightclick// --] function warning(){ } This prevents users right clicking and selecting "View Source". However code can still be viewed quite easily by going to "View" in the top menu and then selecting "Source". Is there a way to prevent this? Alternatively is there a way to password protect my web pages/files (which are mostly in HTML and some PHP), as can be done with Excel spreadsheets? Thank you for any help. Matt

02-05-2005, 09:51 AM	#3 (permalink)
greyknight17 Analyst, Security Team Join Date: Jul 2004 Location: New York Posts: 14,327 OS: Windows 98 & Windows XP Home/Pro My System	I use a program that will encode your source file and even password protect it. This is a great piece of software but like Fox said, nothing is perfect/secure (especially once it goes online). Do a Google search for HTML Cipher. I hope you like it as much as I do. Very easy to use. __________________ Please do NOT PM me. Post whatever questions you may have in the forum and we will take a look at it when we get to it. If you have waited for more than 3 days, you may then and ONLY then PM me for assistance. I will take a look at it. Adaware :: CWShredder :: HijackThis :: Panda ActiveScan :: Spybot S&D Anti-Spyware Tutorial :: Spyware Prevention Tools

02-04-2005, 10:16 AM	#2 (permalink)
Fox TSF Enthusiast Join Date: Sep 2002 Location: NJ Posts: 7,752 OS: XP Pro, CentOS My System	The PHP itself is usually safe from view source unless you forgot to install PHP on your server and just type in the file name from a browser (which is what I did before I learned that PHP requres a serverside interpreter) I hate to say this, but there's a way around everything. Image protection? The most determined will just use the printscreen key and paste it into paint. If it's too big, they'll take the shots separately and piece them together. As a rule, if the computer can see it, the user can see it. As for password protection... I'm not exactly sure what you are referring to- on the internet or on your local machine? I don't think there's a way to password protect the file itself unless you put it in an archive (.zip, .rar, or one of the other ones) or inside a password protected directory (which can only be done on a NT, W2k, or XP machine under NTFS.

02-05-2005, 02:27 PM	#4 (permalink)
jackel Registered User Join Date: Jan 2005 Posts: 17 OS: xp	there isn't really any way you can 100% secure html. With asp and php it's server side so all you coding is done on the server and just displays the results. Why do you need to hide your code anyway, is there any real need for it? Theres about 6 ways i can think of to try and hide your script with javascripts but theres always someone that can get around it. www.hotscripts.com go to that site and look around it'll have some scripts