Encrypt html,password protection,hide source code - the basics [Home]

Image Protection - how to use Image Guardian

FAQ - protect html , scripts, PHP, ASP

FAQ - protect images

Encrypt ASP files

Ultra - Strong HTML password protection

Protect css files [Style Sheets]

File List Manager and Command line reference

Known issues & Troubleshooting

HTML Guardian Profiles and advanced settings - encrypt html, hide source code using profiles


HTML Guardian's Profile Manager and Advanced Configuration Settings window can be invoked from the Configuration menu or by pressing the F5 key. Profiles allow you to perform different operations ( like to encrypt html, hide source code, password protect web pages etc.) using pre-defined sets of security options.

Here you can configure HTML Guardian Profiles and Advanced Settings for the Code Analyzer engine, Encryption engine and Debugging engine.

A profile is a predefined set of protection options and settings for the Code Analyzer, Encryption, Security Auditor and Debugging engines. When you load a profile, all settings stored in it will be automatically applied to all files encrypted after the profile was loaded.
Profiles provide a convenient way to quickly apply a set of settings without having to specify them for each file individually. However, you may change each profile setting before encrypting some file.
Let's say the currently loaded profile is set to disable the text selection - this protection option will be automatically applied to all files. But you may uncheck the 'Disable text selection' box before encrypting some file, and this option will not be applied to it. For the next file you encrypt, it will be applied again.


Default settings Tab
Profiles Tab
IE 5+ Tab
Noscript Tab
Code Analyzer Engine Tab
Profiles and File Lists

Default settings Tab

encrypt html source



In the Default settings Tab you can configure the protection options to be used for a certain profile. You can specify different options for html/shtml, script and frameset files. Here you can also define the default browser for this profile, the password protection and the referrer check.
Only one password and one referrer can be set for a given profile. Also, only one wrong password action and only one wrong referrer action can be defined per profile.

Go back

Profiles Tab

html password

The Profiles Tab let's you manage your profiles.

Load selected profile button will load the profile selected in the Available profiles list. All files encrypted afterwards will be encrypted with the settings from this profile.

Set selected profile as default button will make the profile selected in the Available profiles list the default one (but will not load it).

Load blank profile button will load a profile with a minimum set of options - files will be encrypted without any additional protection options, and all settings for the Code Analyzer, Encryption and Debugging engines will be set to their minimum values. This can be useful for identifying problems - if the encrypted file does not work as expected, you may load a blank profile and try again.
You can load a blank profile at any time by pressing the F10 shortcut key.
Unlike all other profiles, the blank profile (blank.hgp) can't be modified. You can't store user-defined settings like a html password in the blank profile.

Load Default profile when HTML Guardian starts - if checked, the profile set as default will be automatically loaded when the program starts, and all files will be encrypted with the settings from this profile(unless you load another profile). If not checked, and you do not load another profile, all files will be encrypted using the default HTML Guardian settings.

To create a new profile, click the 'Create a new profile from the current settings' button. You will have to specify a name for the new profile, and all the settings specified in all tabs will be saved as a new profile. To be able to use the new profile, click the Refresh button - the new profile will appear in the Available profiles list, and you will be able to load it or set it as a default profile.
If you modify the currently loaded profile and save it under the same name, you will have to load it again for the changes to become effective.

Note : Files will always be encrypted with the settings specified in the currently loaded profile.
If you check the Load Default profile when HTML Guardian starts box, this will load the default profile at startup, and all files will be encrypted with the settings specified in it (unless you load another profile).
If no profile is loaded (Load Default profile when HTML Guardian starts box is not checked), HTML Guardian will apply its default settings, not the settings specified in the default profile.
Note that the default HTML Guardian settings (which will be applied if no profile is loaded) are different from the settings specified in the blank profile (blank.hgp)
The currently loaded profile is displayed under the Available profiles list. If you see there 'Default profile: None' - this means no profile is currently loaded and the default HTML Guardian settings will be applied.

Press F4 to see the current values of some of the most important settings.

Go back

IE 5+ Tab

IE5 encryption settings

Here you can specify some settings for the files encrypted with the alternative encryption method (for IE 5+ only).
All these settings will have no effect for files encrypted with the default (for All browsers) method.

Put a browser detection script in html files encrypted for IE 5+ - if this option is checked, a script for browser detection will be inserted in all html files encrypted for IE 5+.
If a page encrypted for IE 5+ is loaded in another browser, it will not be displayed properly ( in most cases a blank page will be displayed ) . Using this option, you may show a message to the visitor that IE 5+ is needed to view this page, to redirect him to another page etc, depending on the script.
The script itself is stored in ie5script.txt file in HTML Guardian's installation folder, clicking the Edit button will open this file for editing.
The script tags must be included, i.e. the ie5script.txt should start with <script> and end with </script>.

Note that HTML Guardian may reject the script - in such case no error message will be displayed, the script will simply not be included in encrypted files.

Default IE 5+ encryption method - it is recommended that you use the Enhanced method. In case of problems with encrypted files you may switch to the Classic method.
You may change the Default IE 5+ encryption method at any time by pressing the F6 key (to apply the Classic method) or F7 key ( to apply the Enhanced method ).
If you use F6 or F7, this setting will remain valid for the current session (i.e. until you restart HTML Guardian), no matter of the setting specified in the currently loaded profile. For example, the currently loaded profile may be set to use the Enhanced method. If you press F6 (to switch to the Classic method), all files will be encrypted using the Classic method afterwards - but this will not alter the profile.

Extensive debugging - in most cases there is no need to use this option, but if the encrypted file does not work as expected, you should turn it on. You can turn Extensive Debugging On at any time by pressing the F8 key, or turn it Off by pressing F9.

Press F4 to see the current values of some of the most important settings.

Go back


Noscript Tab

encrypt javascript configuration

Files protected with HTML Guardian can only be viewed in a javascript enabled browsers. Although 99.9 % of the browsers used these days are javascript enabled, there is still a very small possibility someone with a non-javascript enabled browser to visit your site - in such case, only the content of the NOSCRIPT tag will be displayed (this is valid for any encrypted file, not only in the cases of javascript encryption).
You can put any valid piece of html code inside the NOSCRIPT tag ( of course no scripts ). The NOSCRIPT tag to be inserted is stored in the noscript.txt file in HTML Guardian's installation folder, click Edit to modify it. NOSCRIPT tags should be included, i.e. this file should start with <NOSCRIPT> and end with </NOSCRIPT>.
It is recommended to insert a NOSCRIPT tag in encrypted HTML formatted emails - in some email clients javascript is disabled. In the NOSCRIPT tag you may also include a content which you want the search engines to see but to remain invisible to the visitors of your site.

Note that HTML Guardian may reject the NOSCRIPT tag - in such case no error message will be displayed, the NOSCRIPT tag will simply not be included in encrypted files.

Go back

Code Analyzer Engine Tab

image protection

Here you can define some Code Analyzer engine settings

The Heuristics Sensitivity Level setting basically defines how deep should Code Analyzer look in your code to predict possible conflicts and problems. For most files the recommended setting is between 50 and 60.
It is recommended to increase the Heuristics Sensitivity Level in the following cases:
- files with complicated scripts and dhtml effects
- files which contain sample html or script code, such as tutorials on web design etc.
- files that use document.write and similar statements to dynamically change the page code
- files where complicated javascript functions are called when some event fires, for example a button click - in this case the Code Analyzer engine will try to predict what will happen with the encrypted page if some event fires.
For simple files you may decrease the Heuristics Sensitivity Level, this will also improve encryption speed a bit.

Allow Code Analyzer to change Heuristics Level if necessary - there are many situations available in Code Analyzer's knowledge base for which a certain Heuristics Level is the most suitable. If this option is checked and such situation occurs, the Code Analyzer engine will automatically switch to another Heuristics Level, known to handle such situation better. This will only be done for the file currently being encrypted, then the Heuristics Level will be restored to the value specified in the currently loaded profile.
If this option is checked, in most cases there is no need to change the default Heuristics Level in your profiles - the Code Analyzer will change it if needed.
We recommend that you always use this feature.

Allow Code Analyzer to interact with installed browsers - if checked, the Code Analyzer engine will test a 'suspicious' parts of the code to see how they will behave in different browsers after encryption by checking each browser reaction to them.
Code Analyzer can test the behavior of IE4.0 or higher, Netscape 4.0 or higher and Opera 5.0 or higher. Of course, it can only test those browsers which are installed on your system. That's why we recommend that you have at least one version of IE, Netscape and Opera installed. For Netscape and Opera, it is not a problem to have different versions installed.
We recommend that you use this option, although it may slow down the encryption a bit.

Launch multiple instances of Code Analyzer for encryption of folders or filelists - if checked, this will launch a separate instance of the Code Analyzer engine for each file that has to be encrypted. This means also a separate instance of the Encryption and Debugging engines will be launched for each file.
This option can only be useful if the total file size of the files to be encrypted at once exceeds 2-3 MB, otherwise there will be no noticeable difference in the encryption speed. But if you need to encrypt a large amount of files at once often, it can be very useful - our tests with a 40MB set of files showed nearly 5 times faster encryption if this option is used.
In most cases, there is no need to use this option. It should not be used for PC's with less than 128MB RAM.
This setting is not taken into consideration when you encrypt html files using the ultra strong html password protection utility.

Go back

Profiles and File Lists

When you encrypt a File List or a Site, all settings specified in the currently loaded profile will be applied to the files in the list / site, except those specified in the Default Settings tab - in file lists / sites these settings can be specified for each file individually, so the profile settings will be ignored. If no profile is loaded, the default HTML Guardian settings will be applied for all the options that can't be configured from the File List Manager / Site Manager.
The above does not apply in cases when you encrypt html file (or any other single file - like .js, .vbs, .css, images etc.) - currently loaded profile settings are always used for them, unless changed.
Profile settings do not apply to the ultra-strong html password protected files.

Go back

Go back Next

   © 1997-2005, ProtWare Inc. All rights reserved.