As the subject suggests I want to encrypt my aspx pages on a website I've recently developed.
Naturally because I've spent a large chunk of my time working the site out I don't want some lazy bastard who can't be arsed to take the time to figure out how to do it himself to steal my code.
I have looked at HtmlProtector, and whilst it encrypts the html sections it does not work on the asp sections of the pages.
Could someone please suggest a program that will allow me to encrypt the source code.
Thanks in advance for any suggestions.
Encrypting ASPX source code
Moderator: Thanas
Um... what's the point? It's not as if a person accessing the page will be able to see the source code, because it gets compiled when the page is first accessed. To actually see your source, they'd need ftp access or similar to be able to get the asp page itself, which they should be able to get.
"preemptive killing of cops might not be such a bad idea from a personal saftey[sic] standpoint..." --Keevan Colton
"There's a word for bias you can't see: Yours." -- William Saletan
"There's a word for bias you can't see: Yours." -- William Saletan
Re: Encrypting ASPX source code
I'm confused. If your server is working write, your users should never be able to see your ASPX source code.Mr CorSec wrote:As the subject suggests I want to encrypt my aspx pages on a website I've recently developed.
Naturally because I've spent a large chunk of my time working the site out I don't want some lazy bastard who can't be arsed to take the time to figure out how to do it himself to steal my code.
When someone requests an ASPX page, the server runs a routine that builds an HTML page to your specifications and sends that; the original ASPX code never gets sent to the user's browser.
"This is supposed to be a happy occasion... Let's not bicker and argue about who killed who."
-- The King of Swamp Castle, Monty Python and the Holy Grail
"Nothing of consequence happened today. " -- Diary of King George III, July 4, 1776
"This is not bad; this is a conspiracy to remove happiness from existence. It seeks to wrap its hedgehog hand around the still beating heart of the personification of good and squeeze until it is stilled."
-- Chuck Sonnenburg on Voyager's "Elogium"
-- The King of Swamp Castle, Monty Python and the Holy Grail
"Nothing of consequence happened today. " -- Diary of King George III, July 4, 1776
"This is not bad; this is a conspiracy to remove happiness from existence. It seeks to wrap its hedgehog hand around the still beating heart of the personification of good and squeeze until it is stilled."
-- Chuck Sonnenburg on Voyager's "Elogium"
-
Perseid
- Padawan Learner
- Posts: 357
- Joined: 2005-03-10 09:10am
- Location: Somewhere between Here and There
Re: Encrypting ASPX source code
My primary concern is that someone might decide to reverse engineer the code somehow.Ted C wrote:I'm confused. If your server is working write, your users should never be able to see your ASPX source code.Mr CorSec wrote:As the subject suggests I want to encrypt my aspx pages on a website I've recently developed.
Naturally because I've spent a large chunk of my time working the site out I don't want some lazy bastard who can't be arsed to take the time to figure out how to do it himself to steal my code.
When someone requests an ASPX page, the server runs a routine that builds an HTML page to your specifications and sends that; the original ASPX code never gets sent to the user's browser.
Re: Encrypting ASPX source code
Is it really that valuable to you?Mr CorSec wrote:My primary concern is that someone might decide to reverse engineer the code somehow.Ted C wrote:I'm confused. If your server is working write, your users should never be able to see your ASPX source code.Mr CorSec wrote:As the subject suggests I want to encrypt my aspx pages on a website I've recently developed.
Naturally because I've spent a large chunk of my time working the site out I don't want some lazy bastard who can't be arsed to take the time to figure out how to do it himself to steal my code.
When someone requests an ASPX page, the server runs a routine that builds an HTML page to your specifications and sends that; the original ASPX code never gets sent to the user's browser.
It's not like plain HTML (or ASP) hasn't been done elsewhere. As said above, the actual ASP code stays on the server and never leaves in any form, only the stuff it generates (the HTML). Unless your app is thousands of lines long and/or does something valuable/unique, it's not worth protecting (and this is your ASP which never leaves the server in the first place). If you're silly enough to bother encrypting the generated HTML, there is stuff that will do it for you w/ javascript, but it can be trivially cracked (since the browser has to see it), and you'll really cut down your compatibility.
Since you need someone to explain these things to you, it's doubtful it's worth hiding.
Last edited by Pu-239 on 2006-10-30 11:45am, edited 1 time in total.
ah.....the path to happiness is revision of dreams and not fulfillment... -SWPIGWANG
Sufficient Googling is indistinguishable from knowledge -somebody
Anything worth the cost of a missile, which can be located on the battlefield, will be shot at with missiles. If the US military is involved, then things, which are not worth the cost if a missile will also be shot at with missiles. -Sea Skimmer
George Bush makes freedom sound like a giant robot that breaks down a lot. -Darth Raptor
Your code is almost certainly not worth the effort of reverse engineering, even if they could get something other than the output.
"preemptive killing of cops might not be such a bad idea from a personal saftey[sic] standpoint..." --Keevan Colton
"There's a word for bias you can't see: Yours." -- William Saletan
"There's a word for bias you can't see: Yours." -- William Saletan
While someone might be able to reverse-engineer the HTML to figure out what ASP.NET tags you used, it would be pretty near impossible for them to figure out the underlying logic that manipulates your data.
When you get down to it, a certain amount of code-copying is impossible to prevent when you put a page on the internet, and there's probably nothing so special about your ASP.NET code that it's worth protecting.
Nonetheless, you can put a copyright disclaimer in your template to discourage casual copying, if you so desire.
When you get down to it, a certain amount of code-copying is impossible to prevent when you put a page on the internet, and there's probably nothing so special about your ASP.NET code that it's worth protecting.
Nonetheless, you can put a copyright disclaimer in your template to discourage casual copying, if you so desire.
"This is supposed to be a happy occasion... Let's not bicker and argue about who killed who."
-- The King of Swamp Castle, Monty Python and the Holy Grail
"Nothing of consequence happened today. " -- Diary of King George III, July 4, 1776
"This is not bad; this is a conspiracy to remove happiness from existence. It seeks to wrap its hedgehog hand around the still beating heart of the personification of good and squeeze until it is stilled."
-- Chuck Sonnenburg on Voyager's "Elogium"
-- The King of Swamp Castle, Monty Python and the Holy Grail
"Nothing of consequence happened today. " -- Diary of King George III, July 4, 1776
"This is not bad; this is a conspiracy to remove happiness from existence. It seeks to wrap its hedgehog hand around the still beating heart of the personification of good and squeeze until it is stilled."
-- Chuck Sonnenburg on Voyager's "Elogium"
If you really want to, there is an alternate project definition (which you can download from Microsoft) that will compile the project into a set of DLLs only and also build a deployment MSI file. No source will have to exist on your servers at all.
That said, someone could potentially grab the DLLs and then use a program like Reflector to inspect it, but that's a bit overkill.
That said, someone could potentially grab the DLLs and then use a program like Reflector to inspect it, but that's a bit overkill.