Welcome to WebmasterWorld Guest from 54.198.229.157

Forum Moderators: mack

Message Too Old, No Replies

Untrustworthy client

how to protect source code from theft from the client.

     
7:45 pm on May 3, 2004 (gmt 0)

New User

10+ Year Member

joined:Feb 27, 2004
posts:18
votes: 0


I have a client that does not have the best reputation for being honest. Because of this I got 40% of my payment up front and the next 40% comes when the page is ready for final editing. The site will have 1 other editing time frame and I am concerned the client will use a website crawler to download the entire site when it is 80% to 90% complete and then never talk to me again.

I was planning on giving him a 48 hour window to view and edit the site through a password protected directory. If he is literate enough to use a web crawler he can download this site in a few minutes.

Is there any way to protect this site until final payment is received, or do I cross my fingers and hope?

Paul

7:51 pm on May 3, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Mar 22, 2001
posts:2450
votes: 0


Do you have a signed, written contract? That's your best protection.

(edited for spelling)

8:20 pm on May 3, 2004 (gmt 0)

New User

10+ Year Member

joined:Feb 27, 2004
posts:18
votes: 0


Yes, but the court costs would be more than the website.

Paul

8:54 pm on May 3, 2004 (gmt 0)

New User

10+ Year Member

joined:Oct 8, 2003
posts:37
votes: 0


You could always use escrow services or have the client post a bond.
9:04 pm on May 3, 2004 (gmt 0)

New User

10+ Year Member

joined:Feb 27, 2004
posts:18
votes: 0


I was trying to do this with technology. I don't want the client to know I don't trust him.

Paul

<edited for spelling>

5:11 pm on May 4, 2004 (gmt 0)

Preferred Member

10+ Year Member

joined:May 4, 2004
posts:489
votes: 0


Paul,
I don't know how many pages you're talking about so this may be an unrealistic idea. But, what if you either showed him printed or PDF copies.

Maybe bring him into the office for a showing. Of course, if y'all aren't in the same area this doesn't work.

Or, maybe ask him what browser he uses and block anything else. I know some spiders show up as browsers, but it might work.

Try REALLY low resolution pictures. Probably not a great solution.

- Ryan

5:38 pm on May 4, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 18, 2003
posts:1925
votes: 0


I've seen a javascript before that could obfuscate html. What it did was encode all the html in unreadable mass of garbage and then used document.write to write it on the screen while decoding it.

That would work for sure unless your client is a good programmer to figure out the algo of that javascript.

I do not remember the name, just search around, I am sure you can find it.

7:36 pm on May 4, 2004 (gmt 0)

Junior Member from US 

10+ Year Member

joined:Dec 30, 2003
posts:125
votes: 0


Put COPYRIGHT on all pages and print out these pages with the date on it. This way, if the client attempts to run your code AFTER this date, you're covered. (also print out the code pages as well). Place these pages in an envelope and take to the post office to hand stamp. Have them stamp this OVER the sealed edge.

Keep this envelope in a safe place, and if it ever comes to court, simply hand the envelope to the judge and let him open it up. Case Closed!

Also, if you use the above-mentioned javascript code-obfuscator, you can also use this for images, but you can add a layer to the pages, with a full, blank transparent spacer image. If he tries to 'right click' to steal it, all he'll get is the transparent image.

sample code:
<div id="valuable_image" style="position:absolute; width:200px; height:189px;
z-index:1; background-color: #FFFFFF; visibility: visible; top: 37px; left: 27px; ">
<img src="/images/symbol1.gif"
width="197" height="195">
</div>

<div id="guard_dog" style="position:absolute; width:200px; height:189px;
z-index:1; border: 1px none #000000; visibility: visible; top: 37px; left: 27px;">
<img src="/images/transparent_fake.gif" width="197" height="195" >
</div>

Good luck!

Patrick Elward

8:06 pm on May 4, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:May 22, 2002
posts:902
votes: 0


Keep this envelope in a safe place, and if it ever comes to court, simply hand the envelope to the judge and let him open it up. Case Closed!

crashomon, this is called "poor man's copyright" and it's one of the biggest myths ever about copyright.

Do a web search on "sealed envelope copyright myth" and read through some of the resources.

8:12 pm on May 4, 2004 (gmt 0)

Junior Member

10+ Year Member

joined:Apr 21, 2003
posts:108
votes: 0


HI pkropp

If you want a tech solution that doesn't up front shows him that you dont trust him you could set up a couple of spider traps on the site (and dont mention the traps in robot.txt)

This way if he tries to spider the site and download it he will be locked out and will come to you. But he can surfe the site normally.

tho spider trap can be found by doing a search on Webmasterworld for "PHP spider trap"

Kind Regards
/Hafnius

8:20 pm on May 4, 2004 (gmt 0)

Junior Member from US 

10+ Year Member

joined:Dec 30, 2003
posts:125
votes: 0


ouch! Pleeker is right! I learned about the 'poor man's copyright' trick from a friend a million years ago and have kept it in my head as a 'good to know.'

Oh well, thanks for the heads up. Disregard my previous post on this matter.

Patrick

4:09 pm on May 5, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 15, 2004
posts:1300
votes: 0


The spider trap is here [webmasterworld.com] , it works for that purpose exactly as stated, it's very funny when somebody tries to download your site and they get that beautiful 403 screen after the first page. I added a form to the 403 page so they can email you to get unblocked, that also sends the ip address they are at to you in the email. Important is to place a link on every page of the site that leads into the spider trap.

I had a client I didn't fully trust and simply showed him the completed website on my laptop then went with him to the bank for cash payment. He ended up being my best and most long lasting client.

6:31 pm on May 5, 2004 (gmt 0)

New User

10+ Year Member

joined:Feb 27, 2004
posts:18
votes: 0


This spider trap will catch offline viewers and the like keep them from downloading the page?

This seems like a reasonable solution. Thanks to everyone who has given recommendations.

Paul

10:31 pm on May 6, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:Jan 15, 2004
posts:1300
votes: 0


The spider trap will block anyone who tries downloading your entire site, but it won't keep them from downloading a single page with all the relevant files. If you don't put the spider trap page in the robots.txt file, and if you put the link to the spider trap fairly high up on the page, before any other links, a downloader will get only the page they are on, after that it's a 403 unauthorized access page.

If you are in the same area as your client, I would go to him and show him the site on a laptop, that's the safest, and doesn't have to seem like you don't trust him, it's just a regular business meeting. Then when he pays you, and the check clears, you can put the site up.

10:39 pm on May 6, 2004 (gmt 0)

Senior Member

WebmasterWorld Senior Member 10+ Year Member

joined:June 4, 2002
posts:720
votes: 0


Here is a mean trick ;)

Create a Snap shot of every page and link it with each other like a slide show.

Create a webpage make a link to the slide show and make sure that it opens in a new window, and allow only IE.

Also, make sure that the link on the main page is encrypted and the new links that opens up, does not have scroll bar, address bar and right click ability, and to top that, make sure that the sourcecode/image-code is also encrypted.

Also, it always helps to change the size of the site snapshot into a smaller size so even though it will get the point across, and will try to protect you if the end users were to screen capture the page and try to cut images.

Next you can also, Add *YOUR* name or logo where the logo should appear on the site and in addition to that, watermark the best images/graphics on the site.

Anyone with even 5% common sense, should be able to see a site would look even when modified as above, so I assume your client should not have any problem.

Hope this helps.