-1

Website,

I would like security my website. Currently i have created a website with PHP, HTML, JS programming languages & CSS. But i need to secure that website from hackers. So my main objective is to avoid by downloading image & JS files by "right click/save as" option or Ctrl+s.

What i have done is, I have included this code in index.php : document.oncontextmenu = document.body.oncontextmenu = function() {return false;} //Disabled right click option

But, also they can download that sources(images & JS files). I have seen some websites in that we can't download js files Ex: http://ohmy-website-template.little-neko.com

So, Could you any one please help me to protect my website source codes. If that solution might be any web programming like Action script3.0, Php, JS etc.

Thanks in advance..:)

DillGates
  • 93
  • 2
  • 11
  • 1
    there is so such thing protecting js and images from download – Raab Feb 11 '13 at 06:51
  • You can make it hard, but **YOU CAN'T HIDE OR DISABLE IT !!!** – Wh1T3h4Ck5 Feb 11 '13 at 06:53
  • Define how preventing files from being "downloaded" protects against "hackers". – deceze Feb 11 '13 at 06:54
  • I can download js files from your http://ohmy-website-template.little-neko.com/ site via developer console. What you are demanding is not possible. If the client can't download the files that means browser can't. So the site is not view-able. – Mazhar Ahmed Feb 11 '13 at 06:54

4 Answers4

5

The answer is simple: that's impossible
You cannot protect files intended to be downloaded by client from downloading by client.

Your Common Sense
  • 156,878
  • 40
  • 214
  • 345
2

The problem is that if you'd like a fully functional site, you'll need the ability to have the user view the site. You could consider watermarks, but the images need to exist in a way that the browser can represent them. Nothing you do will protect from a user hitting "PrintScreen" on their keyboard.

turiyag
  • 2,757
  • 2
  • 22
  • 21
2

You always can download images and javascript files, no matter what "protection" scripts you include in the page. If you can't download images or javascript files, browser won't be able to download them and your page won't be usable.

You can minify and obfuscate your javascript code, so it's not easly editable, and you can include watermarks on your images. In this way javascript and images won't be downloaded for the purpose of using on another web site

Maxim Krizhanovsky
  • 26,265
  • 5
  • 59
  • 89
-2

change permission set from FTP. change it to READ and EXECUTE.

Ripa Saha
  • 2,532
  • 6
  • 27
  • 51
  • thanks everybody who have down voted me. My concept about security was not clear. now from the above answer I got it. It is really well explained in the above answers. Thank You Guys. – Ripa Saha Feb 11 '13 at 07:05