b++ Script Theft
This morning i checked my stats, and i came across interesting web site which is linking to my web design section. Since nothing was there, just some internal links, i right clicked and saw that it’s in fact calling JavaScript file from my server. What courage this guy has!
Why it’s not working on his website?
Fortunately, when building this website, i set all CSS and JavaScript going through serverside (PHP) script which will not pass these files outside my website — some referrer conditioning (or any other you find more appropriate) and simple switch/case deploying. If willing trying save following as externals.php
<?php
$q=$_GET["q"];
if (strpos($_SERVER['HTTP_REFERER'], "http://www.yourdomain.com/") === false) {
echo "/* Thanks for being interested in my work. Please contact me if you want to know more about how it's done. */";
} else {
switch ($q) {
case "css":
header ("Content-type: text/css");
readfile("style.css");
break;
case "js":
header ("Content-type: text/javascript");
readfile("script.js");
// and even more cases if desired : )
}
}
?>
and modify your HTML code somewhere in <head> section:
<link rel="stylesheet" type="text/css" href="http://www.yourdomain.com/externals.php?q=css" /> <script type="text/javascript" src="http://www.yourdomain.com/externals.php?q=js"></script>
Above is of course simplified version of the original script and it’s left to you to customize it however you want (hint: this page could send you an e-mail whenever conditions are not matched).
I’d be glad to hear how you solved yours.
001—2004.08.03.22:15
Pozdrav Mare,
nije ti lo¹e ovo predlo¾eno re¹enje, ali mnogo je bolje delovati u pravcu prevencije i time za¹tititi ponekad skupi bandwidth. Re¹enje je u izmeni HTACCESS fajla, a evo i kvalitetnog uputstva u vidu èlanka HTACCESS for Fun and Profit.
002—2004.08.03.23:11
Hvala! Ovaj naèin koji je opisan u tom èlanku nedoraðen je za jo¹ jednu liniju u
.htaccessdatoteci, a vi¹e se mo¾e naæi u èlanku na Webmajstori.Net.U osnovi kod oba se naèina radi o detekciji preko
HTTP_REFERERserverske varijable, meðutim s PHP-om su otvorene i neke druge opcije, osim pukog blokiranja datoteka s odreðenim ekstenzijama, kao npr. slanje e-mail-a administratoru kad god skripta ne vrati tra¾enu datoteku; zatim, mo¾e se prevenirati spremanje datoteke ucachebrowsera (posebno korisno za IE) itd, itd.003—2004.11.07.01:53
i don’t have anything to contribute to this article, but i just came across your site and can’t go without saying how beautiful it is (and all of your others)…. excellent job.