Which is the best reseller iPage web hosting company? please give reason?

Click Here To View All Answers...

My question is Which is the best reseller iPage web hosting company? please give reason? Many thanks for any answer or 2. 2nd question I got is.. Ok just give me your views on this topic,.

I have disabled right click, source code, offline webpage, links in status bar, opera users, adobe web capture, text select, clipboard/printscreen, drag and drop, psage printing, encrypted the entire page, copy right blabla.... also protected image using server side script (php).

I think it's still possible but very limited now , what do you dudes think,..

Comments (130)

That's a good question. I'm not sure what is the answer. I'll do some research and get back to you if I bump into an useful answer. You should email the people at iPage as they probably can help you..

Comment #1

If you can see the page you'll be able to see the source, there are plugins/extensions that allow you to view "formatted source" for most, if not all browsers, don't waste your time with this anymore if someone really wants it there's nothing you can do other than not making the iPage site available to them...

Comment #2

Why on Earth would you go to such extremes to protect your code? Any half-decent designer can recreate the page using CSS/HTML and the images can be retrieved or picked up in the same place you got them..


Comment #3

What do you have that is sooooo top secret?? I'm kindof guessing it's your username:pass thats lodged in the javascript... in that case use a server side method to protect yourself. also, is there an html faq thread,, if so ,, source code encryption should be mentioned...

Comment #4

Lol, when I test it, it'll probbly not work so, anyway il just learn through som of it as I'm doing a course that has programming in it..

Comment #5

Uh huh, so how did you disable view source then?..

Comment #6

Can we leave it up? The question of disabling things like right click and view source often come up. You've added some ways of doing this, but we've also mentioned that there is no sure way to do this. This should help someone else that's interested in hiding their information..


Comment #7

Well I am gunna jump on the band wagon here.

- You CAN stop people from hotliking images from your site.

- You CANNOT prevent people from downloading images from your site.

- You CANNOT hide or 'disable' source code.

- You CANNOT disable someone viewing your page offline.

- You CANNOT disable right click.

- You CANNOT stop text/images from being copied to the clipboard.

- You CANNOT disable printing or screen capturing.

Frankly ANYTHING done in javascript.




Guarentee anything. Anyone who is going to steal your content and do something with it would know javascript can be disabled with a click of a button. Then all your special javascript protection is completely and utterly useless..

Passwords and other sensitive information MUST be stored in a database, and/or hash, and only made available to the server. This is done with server side languages such as PHP, and ONLY THEN is that content invisable to the person viewing your page. However all the statements above apply to PHP and any other server language as well..

Keep sensitive data in secure location, and let a less knowledgable user be able to use their familiar browser functions...

Comment #8

Amen erisco,, I think thats the most thorough explanation yet..

Hopefully people will listen..

Comment #9

I am not going to say what every body else has said but I am very VERY curious as to how you think you disabled all that?..

Comment #10

Hmm, if you have cazaam serverspeeds, you could make a serverside code that would draw an scrambled image for you, then slize the image to tiny peaces and make ajax call to "rearrange" the tiny peaces in serverside to correct places when image is hovered and make it look like a image. Thus taking a screenshot from the image would include the cursor and making the image look kinda "ugly". And if javascript is forced to be on thisway, you can do whatever you want to prevent the copying..

This would not make it impossible, but pain to copy..

Somebody can see a flaw in my theory?..

Comment #11

So people have to hover over an image to see it? That sucks does it not? Imagine having to hover over every image on this iPage site to see it. Oh and also, print screen doesn't include the cursor in the output...

Comment #12

Vege, at that rate of complex algorithms and piles of image slices causing rapidly increased processing time, why not just watermark the images?..

Comment #13

Well I was thinking like imagegallerys where people would come to see the images, not the images that builds the page..

Dang, I remebered that cursor was visible in the screenshot, my theory is ruind.

But while we are onit, we could build a javascript cursor that would be visible inside the image while hovering it, but it would be hardcoded inside the image, thus taking a screenshot would make the cursor inside the pic..

Doable, ill test it..

Comment #14

Sure, we could, but would that disable the copying process? nope..

Ill see what I can do as I have too mutch free time...

Comment #15

If you copy a watermarked image then who cares, what are they going to do with it with a big ole watermark all over it. Wehn you watermark a image it is all over the image, not in the corner. go to.

, see the watermarking? that is how to do it. then if they copy it who cares..

Watermarking is the only true way to stop people from taking the images..

Hmmm, I must have scared buzincarl, they haven't come back to let us know how he did it...

Comment #16

Water marking is the only way to go..

Vega, I guarantee I'd be able to simply rip your ajax script and changed the onmouseover event to onload, then your work will have been pointless, much like trying to hide html/images/css/client-side sripts, using the base tag to link into the image files..

(I can't believe how many times people have gone over this subject in so many forums.)..

Comment #17

Get over it iv moved on I'm not posting on this topic anymore it's starting to annoy me.

All of this is right.


Comment #18

Basically only problem is the printscreen. Serverside code can hide all image sources..

And basically it's just stupid to say something cant be done -.-..

Comment #19

Vege, how practical is it to have to hover over every image you want to see? Not to mention the look of the scrambled images, it wouldn't be too pretty. If javascript was disabled you wouldn't be able to unscramble them at all. Finally you have the delay time while javascript rearranges the image....

If you think the things I have said you can't do can actually be done, please say how because many people would benefit from it. Everything the user sees must be sent to them, they get all the images, they get all the source. Otherwise they can't view it. The only things you can hide are the server side languages, and they don't have the ability to do anything of what I stated...

Comment #20

I want to see you prove it as well. what was said on here is a can't be done. it is not stupid, it is the truth. server side code cannot stop print screen either. doesn't matter if you do hide the paths, not one person here said you can't hide the paths. but what good does it do if you do hide the paths? I can still get to the image.

Hidden or not...

Comment #21

True true..

But you have to admit that you can make it pretty darn timeconsuming process to steal pictures if you want to and usually people who can steal em, know they shouldnt...

Comment #22

Yup, I agree, that is all you can do. but there will be users out there that will spend the time..

If anybody wants that image bad enough, they will get it...

Comment #23


Goes through a lot of trouble to hide the source of their server list page... but I have seen a iPage site with backdoor links to all the individual servers. I personally didn't spend the time to try and find the server locations but, obviously it was possible and someone did spend the time...

Comment #24

Ok, I'll be the devil's advocate if I musttis for the sake of argument, you can say..

A more valid list would be:.

- You CAN stop people from hotliking images from your site.

- You CANNOT prevent people from downloading images from your site.

- You CAN hide or 'disable' source code.

- You CAN disable someone viewing your page offline.

- You CAN disable right click.

- You CAN stop text/images from being copied to the clipboard.

- You CANNOT disable printing or screen capturing.

I'll agree that th emost practical thing to do is to just watermark you images, but that doesn't mean we should claim all other methods of protection (no matter how deprecated) don't work..

As per the source code (someone might have mentioned this, I didn't read in detail), you can always encrypt it with a special server-side encryption method. The users computer can download the encryption tool (or would it be un-encryption??), but it is only temporary (as in, a rotating encryption method). That's the only way I could think of hiding your source code..

You can disable people viewing you page offline, but this is assuming that the user is not just loading the page, then logging off the internet with the page still opened..

Even if that were the case, however, you can set refresh-methods to stop people from viewing your page longer than what would be required for it's purposes (and once it tries to refresh offline, the cache is lost)..

I say you can disable right-click, but only through JavaScript. That, of course can be disabled, but the point remains that disabling a right-click on the PC is still possible..

Additionally, I say that you can stop images from being copied simply by using layers. Even setting images as backgrounds (and then using a randomized spacer.gif [by which I mean it is not named 'spacer,' but something more convincing]) will prevent people from directly getting at your photos..


I'm sure y'all are dying to rebut now, but I'll make one final arguement. Put everything in a Flash file. Aside from using a screen capture, it's virtually impossible to steal anything from your site, if it's all in flash. SO you lose a few dial-up visitors. Big whoop. It's still worth it to most companies, and I'd assume the same for you, if your content is truely that precious....

Comment #25

Ok, my turn.

- You CAN hide or 'disable' source code.

Ah no you can't. even in encryption, the output is ALWAYS html. disabling source code is stopping a user from right clicking and view source, or view-> source from the menu. You cannot take those away..

- You CAN disable someone viewing your page offline.

Again, file ->save as. or in IE, it ALWAYS gets saved to your pc. once it is offline who cares about refresh methods, you just don't get the most current verson this way. but if refresh is used, it just refreshes the offline-conent. again, IE stores it on your pc.

- You CAN disable right click.

Like you said, you can disable javascript so this one is pointless but yes it can be done..

- You CAN stop text/images from being copied to the clipboard.

Even if you use layers I can still copy the image to my clipboard. not sure about IE but in firefox I can go to page info and just save the image you just covered..

That is why it is imortant to use watermarked images, all this is nullified if you do cause who wants to save a watermarked image??.

And there you have it..

Comment #26

Point taken, but I have just one question (personal experience/troubles from IE):.

What if you set a cookie? Ok, first you have to set one of those annoying pages that say "You have disabled cookies. Please allow them to view the following page." Then, with that cookie, you could set an expiration date on the webpage, so that if the user tries to open the page offline (even if it were just one second after viewing it online), it comes up as another annoying page saying "You must be online to view this page" or "Server not found" or whatever the heck it is..

Anyway, if you have the page refresh after a while, the page couldn't be reloaded offline because of the expiration..

Am I getting at something, or am I just way off base?.

I remember in ye olde days, I'd get frustrated because, just minutes after logging off, I'd go under the History in IE and find that I couldn't view some pages unless I logged on again....

Comment #27

Juparis, you have to remember that anything server side is not saved onto their computers. They can download a completely dynamic page, but that page itself won't change because only the source comes with it..

I don't see what a cookie would do, if you set the cookie with javascript then the cookie exists. You can also make cookies, and I don't see what an expiry date would do, the cookie can just be reset..

Also page encryption is not what it sounds like. You hand them the key right in your source of how to decrypt the encryption. Not to mention everything is outputted as HTML so there is no benefit...

Comment #28

The encryption method - the computer understand the key, the user (unless a 1337 hacker) won't. And obviously it will output as html, otherwise it wouldn't be used on html-pages.. Regardless.....

...the cookie sets an expiration date such that the cache is erased after the set time. (not the entire cache, but anything the page contains). Of course you can always save it to your harddrive, but the typical user would simply be perplexed that he cannot view the page offline...

Comment #29

Well if it is obvious that it outputs as html, I don't see what the key ultimately achieves. Any person who could do something with your content will be able to get your encryption... as I said, the key is right there..

You can't set cookies to erase cache... and cookies are saved to your harddrive. I don't understand where you are coming from...

Comment #30

(This is based off of what little I know/understand about encryption keyswhat I was told, and what I assume is true. Sorry if my sources are incorrect).

The key is for the computer to use to translate the source, which (in a normal text editor) cannot be read. I assumed that the output is what's ultimately displayed in the window, not what you find with the View>Source option. Anyway, the common man will not know how to handle/read a key, let alone how to use it to translate the source..

As per cookies, I already stated that it was from my past experience that I assumed cookies have the capabilities to erase caches (not they themselves, but instruct the computer to do so once the page is expired). If it's not cookies, then what is it?.

...and I'm coming from Wisconsin, by the way. How bout you?..

Comment #31

A javascript ecryption would be simply running source through certain filters, whether you reverse the code, then convert to ASCII and then convert to Hex, it doesn't make a difference. You have to write an algorithm to reverse that process, and that algo is available to anyone who can read the source. Also upon viewing the page, all the text is available, and all the images are as well. What left is there to hide?.

If you are trying to protect sensitive information, only protecting it from the 'normal man' is not going to cut it. Are you going to waste your time on a bogus security method when it can be breached by anyone who can read javascript? What does the encryption ultimately achieve other than requiring javascript to view the page, and making things harder to update for the webmaster?.

I don't think it is cookies that remove cache, it would be a 301 header or something of the sort. Even then it depends on how the browser is configured, it may not bother to delete cache based on headers. I wouldn't be surprised if that was the case. And cache means nothing when a iPage site is offline, since the pages are literally downloaded from the server onto the users computer. That is not internet cache, and you cannot tell the computer to delete those files. Browsing cache offline, and downloading a iPage site for offline use are two completely different matters..

I don't understand why anyone is bound and determined that these feats are possible. They simply aren't. They are pointless to use, and pointless to rely on. It is set in stone... there is no way to prevent it. It was not how the internet was designed, and it is not how browsers are designed, you cannot hide anything.

Simple as that...

Comment #32

Ooh, am I striking an odd nerve, erisco? Don't get too fired up, I was hoping for an open-minded discussion. I guess those hopes were in vain... Ah well, I'll leave you with one final note:.

According to your logic, half the world's products shouldn't be produced simply because a fraction of the population will always be able to break it. Why manufacture a safe if the world's top thief can crack it in 5 minutes flat? I think the general answer would be, "Do you honestly believe that the >1% of thieves will come to your random house, and go after your one safe they know they can breach?".

I mean, c'mon. You were the one to start pushing practicality reasoning, yet you won't even consider realistic situations yourself? I'll take you seriously once you take me seriously...

If 99.9% of my viewers are lay men, I'm going to protect myself from the common man, not the world's top cracker (commonly called hacker; I'm not trying to be racist). Are you seriously suggesting I take a nuke to an ant hill, just because there's a slight chance that a few will survive the normal bug spray? Oh, but I guess it's your arguement that ants can't be killed, so why bother try? No matter what I use on their little kingdom hill, there will always be a few left behind, so I should just give up my attack right now. Is that what you're saying? Because that's what I'm infering. You might as well tell the lone protestor at Tiananmen to give up because the CCP will never listen to it's people. It's the same message you're sending here, and I don't personally appreciate that type of b****ry..

If it was my ignorance that angered you, I'm sorryI did forewarn, however, that I'm not exactly keen on these subjects. I'll continue to protect what I deem necessaryif you want to steal my photos simply to prove me wrong, go right ahead. I doubt you'll find much use of them anyway...

Comment #33

My point is javascript protection is a waste of time when there are BETTER methods, and those methods have already been discussed here. I never said the best hacker is going to be coming to your iPage site to do damage, but at the same time there are many people who can read javascript, and they will pose a threat to that security..

Also, all the text and images are in plain view, so ultimately what does it protect? The html tags?.

You can easily have a very secure iPage site by keeping things server side, if there is sensitive information in your source code you are doing something wrong. There is absolutely no reason for it..

I am generally not following what you are saying... I think you are not understanding what I am trying to tell...

Comment #34

Hehe, you guys. encryption will never stop you from seeing the source. once the page is in your cache or you save it to your hard drive it is all mute. cookies will never stop you from viewing the page. the source is free for the taken, nothing can stop it. no session, no cookie, and no javascript and no encryption.

So juparis, to answer your question, no, encryption will not help..

No, this is saying that when you saved the page the urls is intact so when it refreshes the page looks at the url. but when you save a page the url is taken out, unless it is hard coded. but once you have it on your pc just edit the page and take the url out. see, nonce you hav eit on your pc, there is nothign the iPage site can do from stopping you from viewing it. good thought though..

Comment #35

And these are "some" of the reasons why most people and companies now-a-days make their web servers deal with as much of the page content and client-sever data/interactivity as engineeringly possible....

That's why you get slow server responce times on popular sites. and they wind up having to implement some form of server regulation to increase speed. ie: clustering or dns peer transfering across various servers loaded with identical content.

Why can't everyone in cyberspace just get along and play nice, lol..

Comment #36

Sorry guys. I have to add my bit. to view a web page, your browser DOWNLOADS and STORES all html files, pictures, css files etc onto your pc, the browser then puts it all together acording to how the html instructs it. your temporary internet files will contain all of the html and pictures, the html file can be opened in notepad to be viewed and altered, the pictures can be copied and pasted onto a million other websites etc.. if anybodies really that desperate to not let anyone see the source code they have designed, then they shouldn't put it on the internet. may I suggest a bank vault..

Comment #37

Good topics never die.

I was thinking the other day that there are programs that are transferred to client when they come into webpage, for example something like what windows update is doing or seagate netchecks or something that works with your local filesystem..

Could this kind of program that intervenes with local computer files be written to crypter the data coming in and out from the server?..

Comment #38

Heres a question (stop me if I missed it earlier in the thread but someone at work mentioned this to me last week) but one way that "might" (theoretically) work would be to use flash to store 100% of your page and pics inside of. there wouldnt be a source to view and the only way you could save images would be to take a screenshot..

Of course this is a$$umming that the browser doesnt store the flash file offline in such a way that a visitor could open it in some flash decryption app or editor....

Whats your all's take on this?.

I dont knw flash or how it works (yet) but I believe it would store a flash file with source, images, and all offline in the browser's cache. sound right to you guys and gals?..

Comment #39

The only problem has allways been the screenshot, nothing can be done against it...

Comment #40

Ucm, text can still be copied, images can still be stolen, I don't see what else there is to hide through flash. Aside from the fact having a iPage site in all flash is poor practice... without an html backup...

Comment #41

I have a tendency to right-cliick randomly sometimes. When a iPage site wastes my time with that annoying "right-click disabled" popup window...I don't visit that iPage site ever again..

Just a thought....

Comment #42

I understand protecting images you made or whatever, but I don't like keeping HTML source private. Unless you're a real hotshot designer and get payed big bucks for the code you churn out, than maybe, but I think it's a nice gesture to other webdesigners to leave it open and let them learn too (if you have information that HAS to be hidden than that's a different story. Why, though, you would keep info like that in the HTML source, idk O_o )..

Comment #43

I was tried to capture a screen shot of a film that was playing inside of media player/divx/real player (i forget which) and everytime I pasted the screnshot into another application it captured the media player window and all te controls but the movie still was replaced by solid black..

Anyone know how this was disabled? Could this be the key?.

PS - Some of the clever cloggs out there should make a webpage containing a photo of themselves which they think is impossible to steal, post up the link to the page and the winner is te first person to email them a photoshopped version of themselves with a comedy moustache. If it is possible do it!!..

Comment #44

Could it be the key to what? all depends on how you capture he screen shot. print screen will not do it. and this has nothing to do with html protection...

Comment #45

STOMPFROG, although feel free to download that video and use an editor to cut out any frames you want. Nothing was disabled...

Comment #46


The key to making print screen not be able to capture images from a website. If it does not work in a video surely the same process could be applied to a website..


No idea what video you mean, I was talking about playing video files in general...

Comment #47

I made a page that made the image hard to get but by no means impossible...

Comment #48

You are talking apples and oranges now. You have way more security on the local PC then you do on the net. I would say still not possible.print screen is exactly what you see in the browser, not in an app...

Comment #49

Oh man you had to make this a sticky lol..

Comment #50

The longest running method I ended up with, after I went on this same path as buzincarl in the past, is simply to push teh code down about 60 lines. I have even fooled myself using this method..

Now, I resorted to not worrying about it, as mentioned above..

But, I figured that since this is a sticky topic, that it would be crucial to mention that you can use meta tags to eliminate google images and meta crawlers, and you can use robot files to keep alot of bad crawlers out of your files, and search engines from finding and publicizing your files. This will go a long way in combatting spam, and or privacy theft where applicable..

Comment #51

Yeah, actually, i've been caught by that a couple of times. It depends if the user sees the scroll bar or not...

Comment #52

Hide your html code..

I have seen it in a site. Not exactly hiding. But while checking the 'view soure' I got few ".

‖ Ď ď ‗ ‖.

" !!!.I don't know how they did this. Anyway, thats a good idea. show some characters instead of tags..

But, I can't remember that sit name now...

Comment #53

Not really hiding as you said, just encoded. Still crackable...

Comment #54

How can we do like that ? (encoding).

Any sites with that code?.

At least we can confuse normal users...

Comment #55

There are many sites that wil javascript encode for you. no recommended. just have to goolge it...

Comment #56

No amount of JS encoding has ever stopped me from stealing JS code from sites. Its just a matter of time and reading. The KEY to decoding encoded JS code IS IN THE JS CODE ITSELF. All you have to do is read....

It's like these DVD manufacturers, they're always inventing new ways to encode their DVD data so it cannot be copied (or even played in the wrong country) but it's only a matter of DAYS before someone figure out how to get aournd their new "security" methods and then next thing you know, everyone and their dog is copying DVDs again. lol!.

To the OP: The ONLY way to prevent people from stealing your code and/or images is to NOT put them online. It's simple, really...

Comment #57

Most successful websites don't use any form of code protection. I think people should be able to view the code so that they can learn from it. You will always have a few people who will want to steal your content/code. If it's copyrighted, you can take legal action against those who do steal or use your material without your permission. I wouldn't waste time on protecting it...

Comment #58

I am going to have to perfectly agree with AbstractCoder..

Comment #59

You could always patent it and then sue them if they take it..

Comment #60

You cannot patent html or images, but good thought none-the-less..

Comment #61

But in theory you don't need to, as the copyright is inherent in anything you make. If you made it, it's yours. Unless you copied it from someone else or you have sold it. I imagine code is difficult, because it's technically speaking a language, and you can't copyright a langugae. But you CAN copyright the order in which the words are written, in this case, code, and so: the design / layout..

So there is no need for patenting...

Comment #62

Hey, theres this php protector called sourcecop, anyone herd of this program??..

Comment #63

HTML code cannot be copyrighted. Images can by copyrighted. Words can be copyrighted...

Comment #64

I suppose if you mean watermarking them?.

I suppose you could do something like this:.


Thats an image which is actually a php file, but it's in image format,..

Comment #65

Um... Yes, that's PHP code, alright. But how exactly is that going to stop someone from copying that image?.

Have you tried to right-click it and save to your desktop? It saves as a what? That's right.... A PNG file, not a PHP file...

Comment #66

Actually, you can disable JavaScript source almost perfectly. How? You have the javascript file be referenced with some sort of dynamic passcode:.

<script src="javascript.aspx?passcode=32fj89vAJf89ejafjdsf"></script>.

And the dynamic passcode is only valid once. Now you say, "I can just get the js source from my IE cache in temporary internet files." But that is fixed by the following:.

<script src="javascript.aspx?passcode=32fj89vAJf89ejafjdsf"></script>.

<script src="javascript.aspx?passcode=32fj89vAJf89ejafjdsf"></script>.

Now you say, "What good is that? I can still get the js source from temporary internet files." However, the server-side code works as follows: the first time the correct dynamic passcode is requested ("32fj89vAJf89ejafjdsf") the actual js source is provided. The second time, a blank js file is provided. Any future requests are denied, because then the passcode has changed..

In IE, when multiple requests for a js are made, and they have the exact same name, any later ones OVERWRITE previous ones. So if you view the page with both js as shown above, you won't be able to type in "javascript.aspx?passcode=32fj89vAJf89ejafjdsf" in the browser because you'll get page cannot be found. You won't be able to view the js source in temporary IE files, because you'll just have a blank file (from the second request). However, the browser will still run the js correctly because it acquires both js and runs them both..

Just tell me how you can overcome that! I've tested what I've said above, and it works, too. And for those who say they can just request the source code using a "GET" request, and then request the first js file separately manually without taking the second request, I'll just have a time limit (say 0.3 seconds) between which the page source is requested and the dynamic passcode js is requested in order for it to work. Otherwise, you just get a blank file even with the correct dynamic passcode js used for the first time..

But you say, "I'll just write a program that makes the GET request and then requests the first dynamic js source within a 0.3 second time period." Well, if you're putting forth that much effort, then one of these two things is true:.

1) You're one of the top 1% programmers and you deserve the script because the other 99% would have given up by now..

2) You don't really want the script, but you're just trying to reverse engineer my script hider just for the fun of it..


~ mellamokb..

Comment #67

Well, show us a page where you have applied this and ill tell how fast I can read the code..

Comment #68

Mellamokb, what you just said is false. it doesn't matter what IE overwrites, it will still go into the cache. like Vege says, show us a way and we can show how easy it is...

Comment #69

Fine! Please navigate to the following link to see the challenges. You may either post here or e-mail me directly with the correct passcodes, and please detail how you found the passcodes:.


The second challenge uses dynamic loading of javascript, but the principle is still the same: two simultaneous requests to the same resource so that the second cached version overwrites the first cached version, and unless you use a tool different than a browser (IE5+ as is suggested), you will automatically have your cached version overwritten with the fake source. An external tool can obviously request the HTML source without also requesting the two JavaScript external files within the HTML source as browsers automatically do, but this type of programming need (or simple JavaScript AJAX request) is a little troublesome to do and should deter a lot of intruders..


~ mellamokb..

Comment #70

Sorry admins. Please delete those extra posts. Our internet's really crappy due to the weather, and I hit submit three or four times and didn't realize they all would get submitted. Sorry!.

~ mellamokb..

Comment #71

Sorry, but the javascript dont work in gekko browsers...

Comment #72

Hi Vege,.

I had a pretty good idea it wouldn't. I wrote IE5+ on the page because that's what I tested on. I'm demonstrating a concept, not cross-browser javaScript, so if you try it in IE5+ you can see what I mean. I'm not sure how gekko browsers treat caching, so from that perspective, everything I've said may be indeed null and void (as you've indicated in a previous post). I would have to experiment with gekko-based browser caching before I would want to create cross-browser scripting..

I'm a heavy proponent of using server-side technologies to hide information that you don't want users to see, and then giving them possibly full access to any client-side scripts to learn from, with maybe some sort of copyright notice. I am just trying to see if JavaScript source hiding is possible for my own entertainment, as I don't really have a use for it..


~ mellamokb..

Comment #73

Hi, this question is kind of related but not really..

What file permissions should HTML files have on a nix system have? 755 or 644, assuming it is just static code, maybe some javascript and nothing else? Someone told me 755 but why would HTML files need to be world executable?.


Comment #74

Hi all,.

I found this thread interesting. While I am nowhere near any of you who posted, all I know is basic HTML,.

I read through all this and came to some conclusions and would like to know if they are correct...

1. If you are going to put something out there, it can be taken. Really, even your PC is as risk let alone a website..

2. If you disable everything\hide it aside of backup and some basic precautionary\security steps, going overboard defeats the point of putting something out to the public..

3. If a person is that concerned with data\pictures, then simply do not make it public..

4. As far as stealing your material\data\hacking, it depends on how bad someone wants something and how important that web info is. Not many would go through the trouble of stealing pictures of stick figures, etc....

Now, these are not statements, just conclusions I came to after reading and that made some sense to me. Are these correct or no? Close even?.

Thank you much,.


Comment #75


HTML files should have only read permissions..

PHP files should have read+execute permissions..

UPLOAD folder should belong to apache group (so nonother than the webserver can write into it) and have 775 permissions...

Comment #76

Some of you may have encountered this puzzle previously it is a great challenge a good way to test your web authoring skills and a nice diversion from "headaching" coding sessions. It also illustrates the futility of trying to hide source code If you crack it, don't post your hidden message answer here just yet I will do so after a short while..



Comment #77

Thats a pretty cool test,.

Ill try to keep it vague for those that are still looking..

I found the embedded address I believe, in some contorted form, and didnt exactly feel like writing a code to decypher all the whole numbers to extract the address but it looks challenging a bit. looks like one would need to run a code to pull iterate through the rounded whole numbers divided by 4 then multiplied by 2, and use only the ones that follow the rules where the length is less than 3 times the string length..

Am I anywere near the answer? lol. but it looks obviously possible, if I'm on the right track. thats alot of work. otherwise, is it some more obvious solution near those lines?.

How about just viewing the headers to get the address, or using the DOM? would that work?.

Does look like a big headache to create an algorythm that would code your addresss in that form..

I await your answer..

Comment #78

Here is a clue..

Remember wolfdog that you can get the source from your catche folder and there alter those javascripts as alert commands to alert those "crypted" messages out.


Comment #79

Question in hand really is the way to prevent people taking screenshots of your art. There arent meny solutions to that...

Comment #80

Trick the user into downloading a program which allows the webmaster to control the P.C. and disable the prntscreen button..


Comment #81

Doh, I remember that now Vege, thanks for reminding me. I always shoot for the hard way I'm guessing, lol. if I could just get my brain to cypher correctly, then ill be on that path..

Comment #82

Watermark is the way to go =P.

But one question to this problem; are there any ways to kind of change the current image when the script detects printscreen? or when it detects the function sent to windows (or what operating system it runs on) whenever a program tries to print the screen into the memory? Wild-guess =P..

Comment #83


I am not going to say what every body else has said but I am very curious as to how you think you disabled all that?.

UAE & Dubai Real Estate & Property Portal.


Online Stock Trading & Investment Directory.


Sports Wholesalers & Suppliers Directory.


Something Directory..

Comment #84

You can't hide your HTML source code, no matter how much you try, you can't. You can protect your images from hotlinking with a .htaccess file on your server but it is impossible to hide your HTML...

Comment #85

Could you explain what to do in order to get a .htaccess file to prevent all of the images in it's folder from being hotlinkable?..

Comment #86

Everytime I stumble across a webpage that has even the slightest hint of those lame ass "protection" scritps I close the browser and never go back to that page again..

First of all, you DO NOT have anything to protect. And if you did, you wouldnt be using such lame methods. Second, did I mention how ****ing annoying it is?..

Comment #87

WOW! you're pretty upset at the whole thread O_O.

It wasn't any of our intents to upset anybody.

Please share anything you know of as far as being "better" than the currently described "lame" protection methods.. we're all ears..

Comment #88

If it's just a username and password just put it in a php..

Comment #89

Yes that's a good idea and even better if it was out of the document root folder...

Comment #90

The web technically is open source. So try as you may, you won't win...

Comment #91

The snipper tool is pre included in windows vista, and there are many other problems like that which can take full screen or cut parts of the screen or of an image without much time wasted..

Some websites also can copy the source code of a iPage website for you...

Comment #92

Delvin.friends, what? the print screen has been on keyboards way before 95 came out. No need to use any special software. But thanks for pointing it out...

Comment #93

I posted on another thread about viewing the source on another page and using it as a guide and I saw this discussion and wanted to make sure it was ok to do that. I did have one reply on my thread saying it was ok as long as I didn't copy it which I do not intend to do at all and my second question was this:.

I found a map image I want to put on my webpage but when I looked at the source infomation on "their" webpage I want to use the maps image html's" to create my own map and I do not know how I can make it my ownThis is the info that I want to "change" to make it appear on my webpage and I do not have a iPage website address because I am still creating my page "meaning I don't have a iPage website address" and I am not familar with changing or replacing the <img src info> because I have tried to leave this info "out see below" and the map image will not appear on my page. So how can I make a map image appear on my page?.

<div class="center" style="padding-bottom:1em">.

<img src="" alt="Map of United States" usemap="#states_imgmap" width="480" height="330" /><map id="states_imgmap" name="states_imgmap">.

*(The rest of the infomation on the map I did not type here it would be too long )*.

I do not want to do anything that is wrong but would like help with my second question..



Comment #94


I have disabled right click, source code, offline webpage, links in status bar, opera users, adobe web capture, text select, clipboard/printscreen, drag and drop, psage printing, encrypted the entire page, copy right blabla.... also protected image using server side script (php).

I think it's still possible but very limited now , what do you dudes think..

Thanks !!..

Comment #95

All they need to do is get on a Mac and a good portion of your scripts won't work...

Comment #96

Show me that you disabled all that stuff and I will prove you wrong. You cannot disable Offline webpage. Physically impossible. It will always be cached one way or another...

Comment #97

I, to, want to know how he did this...

Comment #98

Also not to mention you do not need to right click to view source. Just go to tools, view source in IE, or view and page source in FF and presto.......

Comment #99

I have read your problem. I can't stop any one to view sourceYes can I stop for that I have to purchase tools. Without tools it can't be possible...

Comment #100

I really don't understand does this website.

Link Removed.

Developed by HTML?..

Comment #101

Engineershahin, that link was not appropriate for a family forum. And your question doesn't make sense...

Comment #102

Hi people, first post here..

What about getting a new attribute added to HTML specification..

For example NOCOPY=yes. <img src="mypic.jpg" nocopy="yes">.

This could be added to an image, or to other elements including divs etc..

Browsers which understood this html attribute would allow right click on images etc, but the 'copy' or 'save picture as' would not appear in the context menu. Likewise 'edit > copy' would be disabled if image is highlighted..

This would help casual stealers of images, of course not die hards..

Ok, in the real world getting something added to HTML is pretty major - but nicking of images is a huge problem..

What d'ya think?..

Comment #103

Taking it away form the context menus is possible, but you still have the image in your temporary internet files. You cannot stop that form caching. Good idea none the less...

Comment #104

Ya tats rite venton it makes a huge problem in this way..


Comment #105

Wonderful post. Thank you for putting your thoughts so precisely...

Comment #106

Won't a webpage always be cached in Google or search engine, unless you have blocked your entire site?..

Comment #107

I think dreamweaver has an option to disable your code to the public to see....


Comment #108

Lupe502, that does not stop anybody from seeing your code...

Comment #109

True, I tested that uploaded it saved page as and uploaded to a host but the links dont work, they can still visually see the page...

Comment #110

Nice opinion, there no need to view source of something....


Indianapolis seo..

Comment #111

I still don't understand why he's trying so hard to protect his content. It's impossible to do so, and chances are nobody wants it anyway...

Comment #112

Does anyone know when you use HTML PROTECTER if you just send the encrypted files to your server are the original ones as well.

Thank you.


Comment #113

If we are protecting or content, images and html code by using some application, will it be readable for bots or they will not be able to read the content on website?..

Comment #114

The need of protection and the following steps are conditional. Why do you want such protection is the question with the answer inherent in it..

Do you want to stop people from copying images or text or whatever..

People will do anyways,they have ways of doing this..

Source Code is visible..

Best is to make the information which is streamlined to provide only the 'needed' information (from your side). Other important information can be provided to genuine people [which you will decide upon.


Comment #115

Such a nice threadI have learned some good stuff from this. Thanks for sharing.Keep sharing........

Comment #116

I read some where that if you disable all the features as mentioned by you when people try to move from one page to another new will not be possible..not sure where I read this...

Comment #117

It makes sense to me, Vege. If you implement *all* the 'safety codes' to keep people from stealing your content/images, you run the risk of not having your iPage site navigation work. I don't know how that's possible, to be honest, but that many javascripts and such lurking about does give a lot of room for possible errors and conflicts...

Comment #118

You have disabled right click, source code, offline webpage, links in status bar, opera users, abode web capture, text select, clipboard/printscreen, drag and drop, psage printing, encrypted the entire page, and protected image using server side script. It's true, possibility is very limited. The keyboard can provide help in this regard. The requirement is to pursue some research in this scenario...

Comment #119

True, I tested that uploaded it saved page as and uploaded to a host but the links dont work, they can still visually see the page..


Comment #120

How can I use it ?I think it is good ,someone teachs me wiil be more perfect..

Comment #121

Its very difficult to stop some one from viewing your content/source code or anything. It can be done but it not so necessary to do so...

Comment #122

Sorry, it is impossible, so do not tell people it can be done. There is not one thing you can do that somebody cannot get the source. Please don't put false hope into this thread...

Comment #123

Hi everyone,.

I have just now signed in to this forum. I have been dealing with HTML e-mails for years now and have found that Outlook and Hotmail are the two worst of the bunch. I have had little to no problem with AOL. I would consider the former the dreaded ones! It's too bad Microsoft can't get their own products to render the same. They also do not care about developers all that much with their decision to still use Word to render their HTML e-mails in Outlook. Such a shame they completely ignored a huge iPage blog posting on their iPage site with people practically begging and pleading for them to stop them from using Word...

Comment #124

Give me the URL of such iPage site and ill show you how I can download images, scripts, etc. the only way you can do all what you said is by changing the advanced settup for your browser and if you do so you will be hiding all that only to yourself not for the people that visit that site...

Comment #125

I didn't know you can protect javascripts but I found a way to protect images, I have tested my code in seven computers with differents browsers and it works except in the last version of ff..

-My code doesn't allow the option save image as or alike when right clicked, I used css for this..

-My code doesn't allow the image to show up when typed the url in the browser or try it..

My code is a combination of css and .htaccess can someone figure it out?.

Edit: only few .jpg images can be downloaded not by right clicking on the image, but by typing thr image's url in the browser..

Test it go to

You will see a lot of images try to see them..

Now go to a lot of the images in.


Are being used in this webpage but they are inserted by css which disable the option save image as on browsers..

Now you can say to me: You are awesome!.

I know I dont need to do this but I worked hard for this iPage website so why not to protect my images...

Comment #126

You do realise that all one needs to do is visit your page and then they have all your images stored in their temporary internet folder right?.

The only way to protect your images is to not upload them..

No you're not awesome, your just wasting your bandwidth with pointless protection..

Comment #127

Oh I forgot to write: good luck finding the images in your temp folder, you can find them but will take couple of hours, you should know how complicated are temp files, right! Now not everybody knows that one...

Comment #128

This question was taken from a support group/message board and re-posted here so others can learn from it.