Encrypt html,password protection,hide source code - the basics [Home]

Image Protection - how to use Image Guardian

FAQ - protect html , scripts, PHP, ASP

FAQ - protect images

General settings

Profiles and advanced settings

Encrypt ASP files

Ultra - Strong HTML password protection

Encrypt PHP files

Protect css files [Style Sheets]

File List Manager and Command line reference

Site Manager

Known issues & Troubleshooting

Support

Shortcuts

Encrypt HTML source, ASP, PHP, scripts, style sheets. Image protection for your website.


Welcome to the official HTML Guardian Online Help website.

[You may download a bit extanded offline version of this online help file (.chm format, about 400 K) here.]

HTML Guardian is the first and most popular solution for total website protection.
Initially released in April 1997, today it is adopted as a world standard for web intellectual property protection - nearly 90% of the webmasters who want to encrypt html code, protect ASP, Javscript, VBScript, PHP files or style sheets, hide html source from thieves, need extremely secure html password protection or an enhanced image protection use HTML Guardian.
Read here why.



To start using HTML Guardian immediately, please scroll down.
Most questions you may have are hopefully answered in our FAQ and in the other sections of this site. If you need some additional information, you are welcome to contact our support team .

How to use HTML Guardian

You need to follow four easy steps to protect your files with HTML Guardian.
  • Select the file(s) to protect
  • Click 'Select file' if you want to encrypt a single file.

    Click 'Select folder' to encrypt all files in that folder at once. Only *.htm, *.html, *.shtm, *.shtml, *.stn, *.js, *.vbs, *.asp, *.inc and *.php files inside the selected folder will be encrypted, everything else will remain unchanged (if Image Protection is enabled, images will also be protected).
    When you encrypt a folder, HTML Guardian will create a copy of this folder with "_E" added to the folder name and will put all encrypted files there under their original names. If for example you selected to encrypt C:\MySites\Site1\ folder(the source folder), the encrypted files will be saved in C:\MySites\Site1_E\ (the destination folder).
    HTML Guardian will copy all the files that were not encrypted(like .swf, .wav etc) , and all subfolders from the source to the destination folder too to ensure that encrypted files will work correctly.
    Actually the destination folder will be an exact copy of the source folder. Files of types which HTML Guardian can't protect will be copied to the destination folder without any modifications.
    Note that folder encryption is now recursive - HTML Guardian will encrypt all the appropriate files in the source folder, and all the files inside its subfolders.

    Click 'Paste' to paste code for encryption from the clipboard.
    You should correctly specify the type of the code you want to protect - html, javascript, asp etc. in the code type selection dialog that will pop up.

    For fast and easy encryption of custom sets of files with different protection options for each file, please read HTML Guardian's File List Manager and Command line reference. The File List Manager is a versatile tool that makes possible to encrypt the html source code of any set of files , with per-file defined security settings - this ensures maximum flexibility.

    To secure an entire website (or any set of files that reside in one folder) both for 'All' and 'IE5+' browsers witha different protection options for each file, use HTML Guardian's Site Manager.

  • Set the desired protection options
  • All HTML Guardian protection options and settings are explained below.
    If you want to protect the images in the files you encrypt, you should also enable and configure Image Protection (Image Guardian) .

  • Encrypt the file(s)

  • That's really easy, just click the 'Encrypt' button.

  • Test & Save the result
  • Once the file(s) are encrypted, test the result. If you selected to encrypt a single file, just click the 'Test' button to open the encrypted file in your default browser. Note that it is disabled if you've selected to encrypt a script file, or if you've checked 'Don't allow offline use' option, or if you encrypt an .asp file.
    For script files, test all html files that use them. If you saved the encrypted script file under a different name, don't forget to change that name in the html files that use the script file before testing.
    Files with offline use disabled will not work if you simply double click them in windows explorer. You have to open them using the http protocol - either upload them to some web server, or test them using a local http server(this also applies to .asp files). Windows NT/2000 users may use Microsoft's one which is a part of IIS(Internet Information Services). Windows 9.x users may use Microsoft's Personal Web Server [not recommended, as it has lot's of bugs], or some other http server like OmniHttpd. To test a file using a local http server, just copy the file to the server's root folder, then in the URL field of your browser type http://127.0.0.1/filename.htm.

    You can define up to four browsers in which you want to test the encrypted files by clicking 'Define browsers' under the 'Tools' menu (or by pressing Ctrl + B). Click the "..." button to select the main browser executable.
    After the browsers are defined, you can test each encrypted file in each of the defined browsers by pressing Ctrl + 1 .... Ctrl +4 keys. This is only possible if you encrypted a single file, testing encrypted folders, sites or filelists in diferrent browsers should be done manually.

Setting the protection options

  • Target browsers
  • Here you have to define in which browsers the encrypted file should work.
    If you select 'All', the encrypted file will work in all javascript enabled browsers.
    If you select 'IE5+', encrypted files will be properly displayed only in Internet Explorer 5.0 or higher, and also in all browser built on Internet Explorer, such as NetCaptor, FastBrowser, ClickGarden, etc.
    The second method is faster and more secure, it's practically impossible to be cracked.

  • File type

  • You only need to set this option if you paste code for encryption from the clipboard. In all other cases HTML Guardian will detect it automatically. If you paste code from the clipboard, make sure to select to correct file type, otherwise there might be errors in the protected source. If for example you want to encrypt html code, you should select the 'html' option. If you want to protect a frameset file(which is actually an html file) , select the 'frameset' option.

  • Encrypting only some parts of the file
  • This option can't be configured from the user interface.
    There are two possible ways to encrypt a file partially:
    You can specify which parts of the code TO BE encrypted (the rest of the code will remain unencrypted)
    - - OR - -
    You can specify which parts of the code NOT TO BE encrypted (these parts will remain unencrypted, the rest of the code will be encrypted). If you want to encrypt only a part of the code, you have to enclose it within these html comment tags(case sensitive):

    <!--htmlgstart -->
    ... here comes the part of the code you want to encrypt
    <!--htmlgstop -->

    If you want some part of the code to remain unencrypted, you have to enclose it within these html comment tags(case sensitive):

    <!--htmlgskipstart -->
    ... here comes the part of the code you do not want to encrypt
    <!--htmlgskipstop -->

    If HTML Guardian founds these tags in the file to be encrypted, it will automatically switch to partial encryption mode, otherwise it will encrypt the entire file. Partial encryption is only possible for html files, and not for script, frameset, .shtml or .asp files. It can be very useful if you want to hide source code(html only) partially and leave some of it editable.
    You can encrypt or leave unencrypted as many parts of the source code as you wish, but you can't mix both methods in one file.

  • Disable right click

  • This option is very useful and we suggest that you use it for all html files. This way the visitors of your site will not be able to right click on your images and select 'Save image..' from the context menu, or to copy link addresses the same way.
    Using this option will also automatically disable the Image Toolbar in Internet Explorer 6.


  • Don't show links in status bar

  • Normally when you put your mouse over a link, the file to which this link points is displayed in browser's status bar(usually at the bottom of the browser window). Check this option if you want to protect links by making this information invisible. Use this option together with the previous one, otherwise visitors will be able to copy link addresses from the right click context menu
    Note: This option will suppress your custom status bar messages, if any.


  • Disable text selection

  • Using this option will make impossible text to be selected and copied by dragging the mouse, pressing Ctrl+A or clicking 'Select All' either in browser's Edit menu or in right click context menu.

  • Don't allow offline use

  • If you use this option,your files will work fine when someone is browsing your site, but will not work if they are saved and run from the local hard drive. To work, files protected this way should be requested through http protocol. To test a file with offline use disabled, you have to upload it to some web server, or you can also test it offline if you have some http server installed, like the http server which is a part of Microsoft IIS(Internet Information Services). The file will not work if you simply double click it .To test the file using a local http server, copy it to the server's root folder, then in the url field of your browser type: http://127.0.0.1/filename.htm

  • Password protection
  • When you check 'Password protect this page' box, the html password protection configuration window will open. Here you have to set the html password which the visitors must enter to see the page. Also, you have to select where to redirect the visitors in case an incorrect password was entered.
    Redirection options are:
     Display blank page - will display a blank html page.
     Go back - will turn the visitor back to the previous page visited.
     Redirect to this URL - here you can enter any valid URL like http://www.protware.com - visitor will be redirected to this url in case of incorrect password.

    If you want to password protect many files but the visitors of your site to be asked for a password only once, you chould check the "Ask for a password only once" box in the General Settings configuration window

  • Referrer check
  • When you check 'Add referrer check' box, the referrer configuration window will open. Here you have to set the scope of URL's allowed to link this page, and where to redirect the visitors in case the page is linked from another place.
    Redirection options are:
     Display blank page - will display a blank page.
     Redirect to this URL - here you can enter any valid URL like http://www.protware.com - visitor will be redirected to this url in case the referrer is outside the scope of URL's allowed to link this page.
    Let's explain what referrer is - this is information about where you come from. Let's say you have two pages, page1.htm and page2.htm, and you have a link to page2.htm in page1.htm. When you click the link in page1.htm and open page2.htm, the browser will know that you come here from page1.htm. Actually, the referrer would be http://www.yourdomain.com/page1.htm.
    But if you open page1.htm and then you visit page2.htm, but not by clicking a link to it (like if you type the page2 url in the url field of your web browser, or if you open page2 from your bookmarks), the referrer will be an empty string.
    So the referrer check option is useful if you don't want your pages to be linked from another websites.
    In 'This page can be linked from' textbox you have to enter some common part from the URL's of the files allowed to link this page. Normally that would be your domain name, like protware or protware.com - in this case the protected file can be linked only from within your domain. You may also include a filename here, like http://www.protware.com/features.htm, or just protware.com/features.htm - in this case, the protected file can be linked from the specified file only.
    To say it in another way - the protected file can be linked only from files which URL's contain the string you entered in 'This page can be linked from' textbox. If for example you enter there 'com', the file can be linked from any other file from any whatever.com domain, or from communications.org
    Note: This option will not work for files opened in javascript generated windows. For example, the referrer check will fail for the protected file test.htm if you open it from a script like this
    new_win = window.open("my_test.htm");
    , no matter from which file you open it. This option will work only for files opened by clicking regular hyperlinks like
    <a href='my_test.htm'>Click here to open my_test.htm</a>
    Note: This option will not work offline. If you test a file protected with this option offline, the referrer check will always fail and the action specified in case of an incorrect referrer will be performed (you'll be either redirected to the URL specified in case of an incorrect referrer, or a blank page will be displayed - depending on what you specified in the referrer check configuration window).
    Never use this option when you protect files intended for offline usage, like for example tutorials in HTML format that will be distributed on CD's etc.

  • Disable page printing

  • Checking this option will make impossible a protected html file to be printed.
    Note: This will not actually 'disable' page printing. If someone tries to print a protected html file, only blank pages will be printed.


  • Disable Clipboard & Print Screen

  • This will only work in IE 5+ browsers. If this option is checked, this will totally disable the clipboard and the ability to take screenshots by using the Print Screen button. The clipboard will be fully disabled while a page encrypted with this option is opened - it will be impossible to copy/paste text, files or anything else.
    If your site uses frames and two or more html files are displayed in the frameset, it is recommended to use this option for only one of the files.


  • Encrypt Meta tags

  • HTML Guardian is designed to skip Meta tags when encrypts html files, because in most cases there is no need to do that. Also, some Meta tags may have no effect if encrypted(such as content, keywords, or the ones that define the character set). But some meta Meta tags will work fine encrypted, for example refresh.
    If you use this option, all Meta tags will be encrypted.
    If you want to encrypt only some of the Meta tags: Cut the Meta tags you don't want to encrypt and leave the ones you want. Check 'Encrypt Meta tags' and encrypt the file, then paste the unencrypted ones in the beginning of the head tag of the encrypted file.

  • Only compress code(without encryption)

  • There could be some files you don't want to encrypt. You can use this option to decrease their size. It will remove all unneeded characters from the html code, like new lines, tabs, spaces, comments etc. Compressed files can be edited with HTML editors, but it will be inconvenient (although possible) to edit them with a simple text editor such as Notepad. The results of compression may vary a lot, file size can be decreased from 3 to about 30 %.
    This option can't be used for vbs or asp files, and all additional protection options are not available.
    HTML Guardian offers two code compression levels - High and Low. Files will be compressed with the currently selected compression level, which can be changed from the General Settings window.
    Note: You don't have to compress files first and then encrypt them. HTML Guardian automatically compresses the files before encryption.
    Note: In HTML Guardian Personal edition the "only compress code" option is limited to files up to 8-10 KB in size. Larger files will be compressed only using the Low compression level. This limitation will not be applied for the files you encrypt - they will always be compressed using the level specified by you.


  • Disable syntax check

  • HTML Guardian displays a warning if the file being encrypted is with an incorrect syntax. If you use this option, warnings will not be displayed. HTML Guardian's syntax checker will still work and will create a new entry in the Error Log for most of the detected errors (but not for all of them).
    In many cases the files listed in the error log will work, but there is no guarantee.
    You should check all encrypted files listed in the error log - if they do not work as expected, you should check and fix the original files, then re-encrypt them.


  • Using HTML Guardian's Auto Update utility

  • To check if a new version of HTML Guardian software is available, click the 'Check for updates' menu item under the 'Update' menu.
    This will start HTML Guardian's Auto Update utility which will inform you whether a version newer than the one you have is available. In case there is a newer version, you can read a brief description of the new features added, then the updates will be downloaded and installed automatically.
    The Auto Update utility will detect all information needed to connect to the web (proxies, DNS, etc.) from your default browser, you don't have to configure it. But you have to be connected to the internet before starting it, otherwise an error message will be displayed.
    Auto Update utility is only available in HTML Guardian Professional / Enterprise Edition.
    We recommend to check for updates at least once per month. If you experience problems when you encrypt html files, protect images, use the html password encryption, hide html source code or when performing any other task, please first check if a new version of the program is available- the problem may be fixed in it.


Go back   links Next

   © 1997-2005, ProtWare Inc. All rights reserved.