Encrypt HTML Server Side

Forum Moderators: phranque

Message Too Old, No Replies

Encrypt HTML Server Side

djmweb

4:17 pm on Mar 13, 2007 (gmt 0)

I sell website templates and looking for a program or script that will run on my server that will encrypt the html pages that I upload. There are a lot of html encrypting software programs but they all require you to encrypt the html pages on your computer and then upload them. I am looking for something that will encrypt the pages server side.

Can anyone recommend a solution or software that will do this? I have looked everywhere for a solution and am thinking I might have to create a custom PHP script that will do this.

jtara

7:03 pm on Mar 13, 2007 (gmt 0)

You don't say what kind of hosting package you have.

If you have a VPS, dedicated machine, or other hosting package that allows you to shell and root access and the ability to install software, there are a number of encrypting filesystems available for Linux.

If you have shell access, but not root access, you will have to look for an encrypting filesystem such as EncFS or CryptFS that runs in user space (most likely using the FUSE library).

If you just want to encrypt specific files there are plenty of solutions available, staring with the "crypt" program that is included in almost any Linux or Unix release.

On second read, it isn't clear that you are looking for encryption software. It looks like you are looking for some means to protect your HTML source code from prying eyes. At best, this is "obfuscation", not encryption, since to be usable, the HTML must be readable. I suppose one could also encrypt and use Javascript-based decryption, but as a customer I wouldn't want to take the performance hit.

cmarshall

7:18 pm on Mar 13, 2007 (gmt 0)

Some other threads along this vein:

[webmasterworld.com...]

There's others. This ain't a new topic.

djmweb

3:46 am on Mar 14, 2007 (gmt 0)

Thanks for the links cmarshall but I think this is a new topic because I am not looking for html protector software that runs on my computer. I am looking for a program or script that will run on my server that will encrypt all of my sites. I havent found anything that will do this but was hoping someone could send some suggestions.

bill

4:11 am on Mar 14, 2007 (gmt 0)

Do you want people with browsers to be able to see these HTML pages?

cmarshall

2:31 pm on Mar 14, 2007 (gmt 0)

I am not looking for html protector software that runs on my computer.

Most of these discussions center around having encrypted content on the server, regardless of how it got there. It wouldn't be difficult to encrypt stuff on the server. You could write your own script in a few minutes.

The trick is, is that you cannot run a Web site with encrypted content. The only reason to have encrypted content on the server is as stored packages for deployment via a sales outlet or other delivery mechanism.

The closest thing you can have to running an end-to-end encrypted connection is SSL, and I don't think that's what you are looking for.

Maybe we are a bit unclear on why you want encrypted content on the server.

1) The HTML/CSS/JS is encrypted on the server as packages for delivery. The user buys a template, and you send them an encrypted package with the decryption key. They then decrypt the files and deploy them on their own server, where the files will be open.

2) The HTML/CSS/JS is encrypted on the server for immediate use, and the site visitor cannot see or copy the code.

#1 is possible. #2 is impossible.

By the way, welcome to WebmasterWorld.

djmweb

5:16 pm on Mar 29, 2007 (gmt 0)

Thanks for all the info.

I would like people to be able to view the working version of the template in their browser so I guess I would want to use obfuscation as suggested by jtara.

Would this be something I could do with a script on my server?

bill

1:35 am on Mar 30, 2007 (gmt 0)

You can still see obfuscated code. One of the great old tricks was to put a few hundred line returns at the beginning of the source. When someone tries to check the source it looks like a blank page.

If you're really trying to protect the code of an HTML template then send samples of your work as a PDF.