HTML Source Encryptor

There are many programs out there that claim to be able to encrypt your HTML source. Many of these charge you for their software. Please save your money, or if you prefer make a donation to this site instead.

On this page I am providing a free javascript that is as effective at protecting your source as many of these programs that you could buy and which works with any browser that understands Javascript 1.2 (IE 4+, Netscape 4+, Opera 6+, Mozilla, etc). At the bottom of the page you will find information on how to manually apply many of the other so called protection methods used by encryption software that block many of the more commonly used methods of accessing the encrypted version of your page source.

The first step is to create a custom decryptor script to include in the <head> section of your page. To do this enter the address of your site into the box below and then click on the decryptor button. You can also select to add code to block select and print in some browsers and to block filenames from displaying in the status bar. You probably don't want to apply the "disable select" to pages that contain forms as this will interfere with your visitors from being able to copy and paste their content in your form.

Your custom decryptor Javascript to paste into the head section of pages on your site that will contain encrypted code will appear in the box below. All that I ask is that when you use this code that you please keep the copyright notice at the top.

Note: The source for these form are themselves encrypted using the encryption scripts that they generate and the context menu has been disabled on this page (but is not necessarily completely disabled by the script).

Any of the pages on your site where you include the above code in the head section of the page can now use source encrypted by the process below. Note that the decryptor is customized for your site and so the decrypted version of your encrypted text will disappear from the page if the page is copied from your site. In fact, if the page is copied from your site the encryptor script will automatically load the home page for the site address that you specified when you created it in place of the copied page.

You can encrypt any part of your page source that will appear in the <body> section of the site by entering the code for that part of your page into the box below and then clicking the encrypt button. The encrypted version of that page source will appear in the box below. This code (although it may not look like it) is actually Javascript and so should be placed into your page inside of <script> tags the same as you would any other Javascript.

Note that you should only select to add the iframe to the last piece of encrypted code on your page. Also the "disable context menu" option will only be effective at blocking access to the context menu for the whole page if the entire body content of your page is encrypted in one go.

If you are encrypting Javascript instead of HTML then the code needs to be surrounded by script tags before you encrypt it in order to "convert" it to HTML. You can add this automatically by checking the "Source is Javascript" checkbox.

Still not sure what to do with the encrypted javascripts generated above? The following shows an outline of some of the tags in your source to show where the code above needs to be placed (shown in bold). Note that all of the necessary parameters on the tags are not shown. You can have multiple encrypted source scripts in the same page if necessary, you will still only need one copy of the decryptor script in that instance.

... // normal title, meta tags, scripts and stylesheets
// Decryptor script goes here.

<body >
... // unencrypted page source
// encrypted source script goes here.

... // unencrypted page source

There are a few limitations in the use of this encryption. Firstly, your visitor must be using a browser that supports Javascript 1.2 and have Javascript enabled in order for them to see the part of your page that you have encrypted.

This encryption should be effective at blocking spam spiders from harvesting the email addresses from your page if those addresses are encrypted. It should also be effective at stopping site strippers and other spiders from following any links to other pages where you have encrypted the link code. Where this encryption is not effective (like all other page encryption programs) is that it does not stop anyone from accessing the source code of your page if they want it.

Because the decryptor is encoded for your site, source code thieves cannot just copy the encrypted code from your site to theirs, they would have to first break the encryption (a trivial task if you know how) and then post the readable version on their site. This should make it easier to search for unauthorized copies of your page source and gives the thieves a few extra tasks to perform in order to steal your page. Once they have a readable version of the source there is nothing of course to stop them from doing what they want with your source. The decryptor script becomes entirely superfluous at that point as they can just delete it along with all of the encrypted code.

No one can steal your decryptor script because the script is customized for your particular site. To use this encryption they would need to visit this page and obtain their own copy of the script.

Additional Methods of "Protecting" your page.

The above script can apply a few additional forms of protection which also interfere with the way that your visitors can interact with your page. The following can also be used in addition to the above encryption to make it more difficult for others to access your page source but at the cost of making your page slower and interfering with your regular visitors enjoyment of your pages:

I recommend that if you are using these methods to try to reduce the chances of your page content being stolen that you also add a copyright notice into all of your images.

Felgall Pty Ltd accept no responsibility for theft of any data encrypted with the Javascript on this page. This encryption, like all html encryption is very easy to bypass when you know how. Web Page Protection covers includes all of the security measures discussed above and more and actually applies all of the methods discussed so that you can see for yourself how ineffective they are.


This article written by Stephen Chapman, Felgall Pty Ltd.

go to top

FaceBook Follow
Twitter Follow