-1

I want to make the Right-Click don't work in my website or give a error that says: Protected Content! The reason I want to do this is because I don't want others to see my Source Code. I know that you can make the Right-Click to not work but I am not pretty sure about F12. If there is no way to make the F12 key to not work is there any way to hide the Source Code form others? I saw a similar website today. If you right click on this website you get this:

F12 works in this website but the Source Code is hidden anyway. How can I archive similar results? Thanks for your time :)

MA19112001
  • 164
  • 2
  • 3
  • 16
  • 7
    *"The reason I want to do this is because I don't want others to see my Source Code."* Get over it. **:-)** They **will** see it if they want to. Obfuscate it if you like, but give up on any idea that you can keep people from seeing it. – T.J. Crowder Apr 24 '18 at 18:27
  • 5
    There's no way to hide your source code. The browser needs it to render the page, and if the browser has it, so does the user. – Phiter Apr 24 '18 at 18:27
  • *"F12 works in this website but the Source Code is hidden anyway."* Oh, you can still find it in the Network tab. – T.J. Crowder Apr 24 '18 at 18:28
  • @T.J.Crowder I see but can I at least make the Right-Click to not work? – MA19112001 Apr 24 '18 at 18:28
  • I'm sure that's possible i've seen some websites that hass it to some extent, yet again the source will always be available, since it's on the user end you can't fully control it – Rainbow Apr 24 '18 at 18:29
  • The comments above are correct, but if you really want, take a look here: https://gwebsolution.blogspot.com.br/2012/07/disable-ctrl-key-right-click-and-f12.html and here https://www.enjin.com/forums/m/10826/viewthread/4760201-protect-your-content-disable-rightclick-f12-keys – Calvin Nunes Apr 24 '18 at 18:29
  • Possible duplicate of [How do I disable right click on my web page?](https://stackoverflow.com/questions/737022/how-do-i-disable-right-click-on-my-web-page) – Phiter Apr 24 '18 at 18:29
  • @CalvinNunes Thanks, this helped me. Am I supposed to delete my Question because it was not a good one? – MA19112001 Apr 24 '18 at 18:30
  • Check this out: https://stackoverflow.com/questions/737022/how-do-i-disable-right-click-on-my-web-page – Conor Casey Apr 24 '18 at 18:31
  • @Phiter It's not the same... This Question is focused on how to make the Source Code not Visible – MA19112001 Apr 24 '18 at 18:31

3 Answers3

3

Answering the question overly honesty:

First you must avoid publishing the site on the Internet. Make it available only on your private machine(s) you have total control of. Make sure there are no USB ports exposed to users etc. Also, no internet access of any kind. They may just download some hacker tools this way. If you do not need text input, even better, keyboard can be used to type in some hacker tools as a source code and this way steal your precious sources.

Next make a custom build of a browser. You may want to use tools like Electron instead of generic browsers this way you will end with app that runs only your website and has no developers tools nor address bar nor anything other that may be used to gain access to your precious source.

Install Linux, create new user account with minimal privileges (no write access anywhere) and let it use X without any window manager. Only your electron app with your precious website and no menus that could be used to access some hacker tools like text editor that may reveal your precious source code. Also, configure the account to have complex random password so that users do not start another session in text mode and see your source code.

Remember that hackers may use means like timing attacks, side channels or other hacky means of stealing your code. To prevent that cover walls of the room you store your computer in with a metal grid to make a Faraday cage. Check all people entering and deny them bringing any electronic devices with them. Same for analog photo cameras or paper notebooks. Better safe than sorry: they may reconstruct your site source code based on how it looks like.

Or just accept the hard truth nobody cares about your website source code. There is plenty of places you may copy paste your code from and your website is not the most interesting one. And if you do that to prevent hackers, you have to write secure code (and test/audit it), not to hide it.

jaboja
  • 2,178
  • 1
  • 21
  • 35
  • WOW! This was really helpful... It is exactly what I was looking for. The website I am creating is getting out of my heads because I am not a really good developer (Only 2 Years Experience) and it really need a advanced security. But also I don't want to hire anyone because "The Zero Trust Principle ". I have never thought for something like this. You gave me a lot of ideas but I am still not pretty sure where to install the Machine that is hosting my website. Anyway thanks a lot :) – MA19112001 Apr 24 '18 at 19:16
  • I believe on the Mac, `CMD+SHIFT+I` opens up the dev tools from Chrome which is literally F12 on Electron apps. – Ru Chern Chong Oct 16 '18 at 17:17
2

Short answer: Browsers, which render your website, are a client-side technology, and there is no way you can control who is going to see or not see your source code.

Long(er) answer: Browsers download your website, together with it's source code the website onto users computer. Which means they can manipulate it however they see fit. There are some scripts that can ban right click or other types of interactions, but if you try to stop developers from inspecting code (and if they are ispecting, it's a good bet they are developers) they will find a way even if you block f12 or right click. You can always download website, use crawler, open in notepad, etc. etc.

You may want to investigate minifying and/or uglyfying HTML code, but it's no cryptography - again, if someone wants, they will find a way to undo that.

Also, I'm curious, why would you want to do that?

Sebastijan Dumančić
  • 1,165
  • 1
  • 11
  • 20
  • I see... Well TBH I don't want to give you the full answer but the website I am creating is going to be hosted is Deep Web. Now you can use your imagination to find why I don't want others to see my Source Code :) – MA19112001 Apr 24 '18 at 18:37
  • What's in there that is secret? If you are showing it to the "public", I don't get what is so secret about it. – Sebastijan Dumančić Apr 24 '18 at 18:41
  • Sure now I know that I can't hide anything but think about it. If you would be able the hide the Source Code from everyone wouldn't this make the Website and me more Secure? Anyway I know that was a dump idea... – MA19112001 Apr 24 '18 at 18:45
1

You can do this using window events but still there are ways to read your code.
For example fetching js without execution or disabling js in browser for a moment. 

window.addEventListener('keydown', e => {
  if (e.key === 'F12') // detect f12
  e.preventDefault()
})

window.addEventListener('contextmenu', e => e.preventDefault())
Maciej Kozieja
  • 1,812
  • 1
  • 13
  • 32