Avoid Page Save

sisira

hi,

i Want to Avoid My Site Visitors From Saving Pages in The web Site. And Further Copying Images and Linking Images to there sites leading to they using my band width. And i want my visitors from avoiding viewing the source code in their browser.

I want to do this either to the whole site
or from page to page
or by .htaccess

i know someone can help me

thanks
sisira

bpat1434

The only way to 99% guarantee that they won't link to specific images is to make your site 100% flash. Even then they can use screenshots and modify them or get a swf decompiler to grab the swf and get the library elements.

The other way is to serve all your images through a php script and check the HTTP_REFERER and see if it's from your own site. If not, then show a dummy image, otherwise show the real image.

And of course with .htaccess you could deny direct access to files ending in .jpg .gif .png .bmp; although I'm not 100% sure if that would require you to use relative urls ( i.e. /images/myimage.jpg ) and not direct urls ( i.e. http://www.domain.com/images/myimage.jpg ).

sisira

hi,

i tried avoiding image copy using .htaccess. But it doesnt work. The images can be saved as before. This is my .htaccess coding

order deny,allow

<Files ~ ".(php|php.*|sphp|php3|php4|php5|phtml|cgi|pl|shtml|dhtml|html|htm)$">
deny from all
</files>

<files index.php>
allow from all
</files>

<files audl.php>
allow from all
</files>

<files bar.php>
allow from all
</files>

<files upload.php>
allow from all
</files>

<files ~ "^.">
deny from all
</files>

deny from 125.234.85.223
deny from 117.2.14.66

RewriteEngine on
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^{http://(www.)?mydomainname.com/.*$} [NC]
RewriteRule .(gif|jpg)$ - [F]

But it doent work. why? And Further is there any way that i can use .htaccess to avoiding saving a page and viewing the source code

thanks freind
sisira

bpat1434

I'm not 100% sure that you can do deny from all or allow from all inside of a <FilesMatch> element. I'm off to bed, but have a look in the docs to see where that config option can go. I think it has to be inside of a vhost config, the main config, or generally in a .htaccess, not inside a files match (although I could be wrong).

As for saving the page and viewing the source, there's no real way to prevent that. Even with a javascript hack to disable right click, you still have the toolbar ability to view the source.

Of course, you could always encode your pages, and use javascript to dynamically generate teh content of the html, but instead of just using general javascript, minify or compress it so it's more illegible.

Still, items like Firebug and other tools will allow you to inspect the currently displaying HTML regardless of how it's put there.