11

I created an HTML page and now would like to hide the source code and encrypt it.

How can I do that?

Patrick Hofman
  • 153,850
  • 22
  • 249
  • 325
Francis
  • 161
  • 1
  • 2
  • 7
  • There is actually a website with this kind of example: https://therickroll.com/ If you click Ctrl+U, There isn't any source code. – Sid110307 Jun 17 '21 at 14:43

7 Answers7

17

You can disable the right click, but that's a bad idea because expert minds can read anything from your page. You cannot totally hide the page source - this is not possible. Nothing is secure enough on the Internet.

In any case, you can encrypt it and set a password. You can utilise this link - it will encrypt your HTML page with a password.

First up, disable the right click, by writing out this script, right after the tag.

<SCRIPT language=JavaScript>

<!-- http://www.spacegun.co.uk -->

var message = "function disabled";

function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }

if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }

document.onmousedown = rtclickcheck;

</SCRIPT>

Then, encrypt all of it, in this website, called 'AES encryption'.

Link - http://aesencryption.net/

You need to set a password to decrypt it ....you choose the password.

After encrypting it, you can just write a basic HTML page just putting into the <head> tag once again the script to disable the right click, into the <body> tag you code and hide everything just writing at top of the page <html hidden>.

Example

<!DOCTYPE html>
<html hidden>
<head>
<SCRIPT language=JavaScript>

<!-- http://www.spacegun.co.uk -->

var message = "function disabled";

function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }

if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }

document.onmousedown = rtclickcheck;

</SCRIPT>
</head>
<body>
--here, you put the encrypted code from the link above--

</body>
</html>

Where it is written var message = "function disabled"; you can write for example something like 'This page cannot be viewed' or something which will annoy most of the users and will just leave. ['This page is unavailable' and so on ....].

Finally, you will see a blank page with a message coming up as soon as you right click the page. The message will be something like 'This page is no longer active'.

Example 

  <SCRIPT language=JavaScript>

    <!-- http://www.spacegun.co.uk -->

    var message = "**This page is no longer active**";

    function rtclickcheck(keyp){ if (navigator.appName == "Netscape" && keyp.which == 3){ alert(message); return false; }

    if (navigator.appVersion.indexOf("MSIE") != -1 && event.button == 2) { alert(message); return false; } }

    document.onmousedown = rtclickcheck;

    </SCRIPT>

I do know that one can remove the <html hidden> or the Javascript script with some add-ons such as Firebug but anyway you will need to decrypt the code with a password in order to see the real page. Expert users might view the source code with a Brute Force attack, I think. So, nothing is safe.

I found out an application that you need to instal on your computer. There is a feature in the Enterprise version but you must pay to get it. This feature is a tool which encrypt your HTML page creating an ultra-strong password encryption for HTML files using up to 384 bit keys for encryption [the link I wrote above uses up to 256 bit keys for encryption]. I have never tried it out, though, because it is not for free.

Anyway, the link of the software 'HTML Guardian' - http://www.protware.com/default.htm For the feature about the encryption, merely click on 'Ultra-Strong HTML password protection' in the page.

Francis UK
  • 194
  • 1
  • 3
  • Seen this, but is there a way to do this encryption and allow the user to use the web page with the page source having the encrypted page? What I have noted on trial of this is that even the user can't access the web page contents. – lobjc May 26 '20 at 16:03
11

You cannot hide the source code, but you can add some difficulties to see your source code by following way

1. Disable right-click:

<body oncontextmenu="return false">

2.Disable ctrl, u, F12 keys:

<script type="text/javascript">
    function mousehandler(e) {
        var myevent = (isNS) ? e : event;
        var eventbutton = (isNS) ? myevent.which : myevent.button;
        if ((eventbutton == 2) || (eventbutton == 3)) return false;
    }
    document.oncontextmenu = mischandler;
    document.onmousedown = mousehandler;
    document.onmouseup = mousehandler;
    function disableCtrlKeyCombination(e) {
        var forbiddenKeys = new Array("a", "s", "c", "x","u");
        var key;
        var isCtrl;
        if (window.event) {
            key = window.event.keyCode;
            //IE
            if (window.event.ctrlKey)
                isCtrl = true;
            else
                isCtrl = false;
        }
        else {
            key = e.which;
            //firefox
            if (e.ctrlKey)
                isCtrl = true;
            else
                isCtrl = false;
        }
        if (isCtrl) {
            for (i = 0; i < forbiddenKeys.length; i++) {
                //case-insensitive comparation
                if (forbiddenKeys[i].toLowerCase() == String.fromCharCode(key).toLowerCase()) {
                    return false;
                }
            }
        }
        return true;
    }
</script>

3. Add to lots of white spaces to before you staring your codes

it may fool someone

Naveen DA
  • 4,148
  • 4
  • 38
  • 57
3

There isn't really anyway to do it that would stop a someone who is sophisticated.

DominationD
  • 31
  • 1
2

There isn't really a way to do that. Perhaps the only thing you could do is to disable the right click feature via JavaScript, but still that wouldn't stop a user who's experienced enough to copy it. However, check this out.

arnaudoff
  • 686
  • 8
  • 20
2

for php, separate the code you don't want seen from the rest of your code with:

<?php 
    for($i=0;$i<1000000;$i++){
        echo "\n";
    } 
?>
<some html="what you want to hide">
<?php 
    for($i=0;$i<1000000;$i++){
        echo "\n";
    } 
?>

This will effectively kill the view source aspect (at least for a few minutes) if it is a viewing source, he will not wait for the results. Also, this does not seem to slow the page load

richardwhitney
  • 506
  • 1
  • 6
  • 21
1

I know, it's a little late, but I guess you are looking for something called obfuscation. For Javascript files for example are many obfuscation tools available that you can use for the build process of your webpage. The code is transferred in an unreadable format. Some VPS providers are offers plugins that run during the build process and do that job for you.

Erik Metz
  • 152
  • 1
  • 4
1

As many have said, there's no real way to hide source code. There's been some good suggestions but I haven't seen this. This will encode it so nobody can read it, and it will 100% work for HTML. Only thing is anyone smarter than a light bulb will be able to decode it the same way it was encoded. You also cannot encode JavaScript or PHP; HTML only. developers.evrsoft.com offers a free encoder. But again, it can be decoded as quickly as it was encoded.
It'll look like this:

<h1>This will be encoded</h1>

Will be:

<script>
<!--
document.write(unescape("%3Ch1%3EThis%20will%20be%20encoded%3C/h1%3E"));
//-->
</script>

Again, don't encode PHP or JS.

WaXxX333
  • 388
  • 1
  • 2
  • 11