Software, your way.
How To Get Good Custom Software
(Download)
(PDF)
burger menu icon
WillMaster

WillMasterBlog > Content Protection

FREE! Coding tips, tricks, and treasures.

Possibilities weekly ezine

Get the weekly email website developers read:

 

Your email address

name@example.com
YES! Send Possibilities every week!

Defeating Source Code Page Copying Thieves

When thieves copy the source code of your web pages and republish them on their own domain, they may be defeated.

Set things up by ensuring each web page to be protected imports a JavaScript file. The src= URL needs to be the absolute http://... URL to a JavaScript file on your server.

If your pages don't already do so, create a file named myjsfile.js and upload it to your server. The file can contain this single line: 

document.write("");

To import the file, use this: 

<script type="text/javascript" src="https://example.com/myjsfile.js"></script>

Replace http://example.com/myjsfile.js with the absolute http://... URL to myjsfile.js on your server.

Okay, your pages are set up.

Implementing the Protection

If the entire web page source code is copied for use somewhere else, the JavaScript to import an external file is also copied.

The .htaccess file is used to take control should the web page source code be published on another domain.

Control is obtained by sending alternate JavaScript to stolen web pages. That JavaScript can be anything you want it to be, from a benign notice to replacing the content of the entire page.

I would suggest something more benign than draconian, like a notice popup or a redirect to your own website. Some people just don't think and have no active bad intent when republishing the source code of web pages.

To implement the protection, first, create a .js file of whatever alternate JavaScript you want to deliver to the stolen web page.

Then, copy the following code, make changes, and put it into your .htaccess file. I strongly suggest trying the code in an .htaccess file in a subdirectory before putting it into the document root directory. It's easy to mess up the .htaccess file with a simple little typographical error. 

RewriteEngine On
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^https?://example\.com(/)? [NC]
RewriteCond %{HTTP_REFERER} !^https?://www\.example\.com(/)? [NC]
RewriteRule ^.+\.js$ http://www.example.com/alternate.js [NC,L]

On lines 3 and 4, replace example.com with your own domain name. Note the backward slash before the periods.

On the last line, line 5, replace http://www.example.com/alternate.js with the URL to the JavaScript file with the alternate content.

After putting the lines into the .htaccess file, immediately check whether or not your own code to import JavaScript is still working.

Then further test the implementation with a link to a .js file on your domain from a web page on another domain. If you don't have a second domain, ask a friend to help you test the code.

If the link on the other domain results in importing the .js file specified in the URL at the last line of the .htaccess code, it's working.

If you own more than one domain and they share JavaScript files, or if you allow other site owners access to certain JavaScript files, the .htaccess code will need to take those domains and allowed files into account. The .htaccess code can quickly become more complicated.

In that case, get a WebSite's Secret membership and download Hotlink Alarm II. It creates the .htaccess code for you.

Hotlink Alarm II also can protect other types of files, like ZIP and PDF by delivering alternate files, and it can provide alternate images to websites that hotlink to yours. It's a nice piece of software, a WebSite's Secret exclusive.

Will Bontrager

Was this blog post helpful to you?
(anonymous form)

Support This Website

Some of our support is from people like you who see the value of all that's offered for FREE at this website.

"Yes, let me contribute."

Amount (USD):

Tap to Choose
Contribution
Method

All information in WillMaster Blog articles is presented AS-IS.

We only suggest and recommend what we believe is of value. As remuneration for the time and research involved to provide quality links, we generally use affiliate links when we can. Whenever we link to something not our own, you should assume they are affiliate links or that we benefit in some way.

Recent Articles in the Library

Keeping Image Location Secret

The URL of an image embedded in a web page may be kept secret.

Easier Reading of JSON Data

For easier reading of JSON data, convert the JSON into an array.

Fixed Position Image

Position an image within a browser window that won't move even with page scroll.

Visually Centering Images

Sometimes an image that is technically centered doesn't look quite centered when viewed.

Cookie Directory Protection

Protecting subdirectories with a cookie can be an especially good method when access needs to be allowed from various internet connections.

Check SSL Certificate

An easy-to-use SSL checker to see when your secure certificate expires.

Strong Form Protection From Bots

A web page form that is invisible to spam bots.

How Can We Help You? balloons
How Can We Help You?
bullet Custom Programming
bullet Ready-Made Software
bullet Technical Support
bullet Possibilities Newsletter
bullet Website "How-To" Info
bullet Useful Information List

Blog Article Categories

software index page

© 1998-2001 William and Mari Bontrager
© 2001-2011 Bontrager Connection, LLC
© 2011-2024 Will Bontrager Software LLC