How to Encrypt HTML Source Code Output Using PHP

How to encrypt HTML source code output using PHP

While, as @Jeff said, you can't encrypt your HTML output, you can obfuscated it to make it more difficult for a human to understand. Here is a link to a free product that does just that.

How to encrypt HTML source code?

This article covers a number of techniques including:

  • Source Code Padding
  • No Right Click Scripts
  • "JavaScript Encryption"
  • HTML Protection Software

However the article concludes:

Unfortunately, the short answer to this question is, you can't [hide your source code]. There have been various methods put forth, but all of these are easily circumvented. In the end, the only sure fire way to make sure no one can steal your source code is to never put it on the Internet at all.

How to encrypt my HTML, PHP & JavaScript?

Neither html nor javascript can be encrypted, else the browsers would not be able to interprete it and your visitors would not be able to view your site. Dot. End. Compression tools may boost performance a little but will not really help against copyright infringement.

Your php-programs generate html, your visitors will always be able to see your html, but if your server is configured properly no one should ever see your php.

How to disable or encrypt View Source for my site

Fero,

Your question doesn't make much sense. The "View Source" is showing the HTML source—if you encrypt that, the user (and the browser) won't be able to read your content anymore.

If you want to protect your PHP source, then there are tools like Zend Guard. It would encrypt your source code and make it hard to reverse engineer.

If you want to protect your JavaScript, you can minify it with, for example, YUI Compressor. It won't prevent the user from using your code since, like the user, the browser needs to be able to read the code somehow, but at least it would make the task more difficult.

If you are more worried about user privacy, you should use SSL to make sure the sensitive information is encrypted when on the wire.

Finally, it is technically possible to encrypt the content of a page and use JavaScript to decrypt it, but since this relies on JavaScript, an experienced user could defeat this in a couple of minutes. Plus all these problems would appear:

  • Search engines won't be able to index your pages...
  • Users with JavaScript disabled would see the encrypted page
  • It could perform really poorly depending the amount of content you have

So I don't advise you to use this solution.

How to hide the source code of a HTML page

You can disable the right click, but that's a bad idea because expert minds can read anything from your page.
You cannot totally hide the page source - this is not possible. Nothing is secure enough on the Internet.

In any case, you can encrypt it and set a password.
You can utilise this link - it will encrypt your HTML page with a password.

First up, disable the right click, by writing out this script, right after the tag.

<SCRIPT language=JavaScript>

<!-- http://www.spacegun.co.uk -->

var message = "function disabled";

function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }

if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }

document.onmousedown = rtclickcheck;

</SCRIPT>

Then, encrypt all of it, in this website, called 'AES encryption'.

Link - http://aesencryption.net/

You need to set a password to decrypt it ....you choose the password.

After encrypting it, you can just write a basic HTML page just putting into the <head> tag once again the script to disable the right click, into the <body> tag you code and hide everything just writing at top of the page <html hidden>.

Example

<!DOCTYPE html>
<html hidden>
<head>
<SCRIPT language=JavaScript>

<!-- http://www.spacegun.co.uk -->

var message = "function disabled";

function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }

if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }

document.onmousedown = rtclickcheck;

</SCRIPT>
</head>
<body>
--here, you put the encrypted code from the link above--

</body>
</html>

Where it is written var message = "function disabled"; you can write for example something like 'This page cannot be viewed' or something which will annoy most of the users and will just leave. ['This page is unavailable' and so on ....].

Finally, you will see a blank page with a message coming up as soon as you right click the page. The message will be something like 'This page is no longer active'.

Example 

  <SCRIPT language=JavaScript>

    <!-- http://www.spacegun.co.uk -->

    var message = "**This page is no longer active**";

    function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }

    if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }

    document.onmousedown = rtclickcheck;

    </SCRIPT>

I do know that one can remove the <html hidden> or the Javascript script with some add-ons such as Firebug but anyway you will need to decrypt the code with a password in order to see the real page.
Expert users might view the source code with a Brute Force attack, I think.
So, nothing is safe.

I found out an application that you need to instal on your computer.
There is a feature in the Enterprise version but you must pay to get it. This feature is a tool which encrypt your HTML page creating an ultra-strong password encryption for HTML files using up to 384 bit keys for encryption [the link I wrote above uses up to 256 bit keys for encryption].
I have never tried it out, though, because it is not for free.

Anyway, the link of the software 'HTML Guardian' - http://www.protware.com/default.htm
For the feature about the encryption, merely click on 'Ultra-Strong HTML password protection' in the page.

Encrypting PHP page

As stated by others, php code is not accessible to the public, unless your server is wrongly configured or hacked in some way.

However, the form data is sent between the client and server unencrypted. For sensitive data(e.g. Passwords), this has security problems. To solve this you need to buy an SSL certificate. Most hosting companies can sell you this.

Bear in mind the final output source of HTML, CSS and JavaScript will always be visible of the user, due to the way the web works. For many people, this openness is what makes the Internet so great.


Related Topics

Detect Eol Type Using PHP

Randomize a PHP Array with a Seed

Create a Zip File Using PHP Class Ziparchive Without Writing the File to Disk

What Is the Best Method for Getting a Database Connection/Object into a Function in PHP

Setting PHP Enviromental Variable While Running Command Line Script

How to Get the Root Url of the Site

Laravel Catch Eloquent "Unique" Field Error

How to Add 5 Minutes to Current Datetime on PHP < 5.3

PHP Splitting an Array into Two Arrays - Keys Array and Values Array

How to Get the Absolute Path to the Public_HTML Folder

Object Copy Versus Clone in PHP

Paypal Ipn Bad Request 400 Error

How to Tag a User in a Photo Using the Facebook Graph API

Why Is Object Oriented PHP with MySQLi Better Than the Procedural Approach

Laravel 4 - Including a "Partial" View Within a View (Without Using Blade Template)

Codeigniter 3 - Access Session from Outside Codeigniter Installation

Flip (Transpose) the Rows and Columns of a 2D Array Without Changing the Number of Columns

Changes to Upload_Max_Filesize in Ubuntu PHP.Ini Will Not Take Effect


Leave a reply



Submit