Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Resumed guide on How to Protect Shops content and images


Francys

Recommended Posts

Here goes a link explaining the importance of protecting images and site content, How to Protect Your Images on the Internet the pourpose of this topic is for community develop and comment the existing solutions towards: content and image protection of a store.

 

While there are no sure fire ways to keep your images from being stolen right off your web page, there are a few techniques that will discourage many would be "thieves". Let's explore some of these remedies.

 

In order to understand what we're up against, we first must understand just how images can be taken from a web page. There are 5 different ways to grab an image from a web site.

 

A - "Save Image As" with the right click mouse action.

 

B - Saving the page in IE5 grabs all images on the page including backgrounds.

 

C - Directly linking to where the image is stored on the server.

 

D - Open the image from browser cache located in the Temporary Internet Folder.

 

E - Screen capture programs and PrintScreen.

 

After installing this contribution oscthumb although it may do what is promises (sort A, B, C and D,E with watermarks) it will stall a shop because it will make it very slow - most users are taking it off and uninstalling like me (have a read at Oscthumb contribution forums) - although with many glitches that make this contribution not usable yet it is pointing to the right direction.

 

I installed this No Rigt Click- No Alert Message! it takes like 5 mins to install and it will sort A but not completely since if someone clicks in pop-up product image is able to right click and save the image.

 

Would like to see the opinion of community regarding the best addons currently able to sort out A-E content protection holes.

 

Thanks

Link to comment
Share on other sites

The link you give up top has some good ideas. Note that they're wrong about one thing: it's Javascript, not Java. Java is something completely different.

 

* Right Click Disable -- this will stop only the most naive thieves. Everyone else knows that all you have to do is turn off Javascript in the browser and this "protection" will disappear. I wouldn't bother. It also annoys people who right-click for other functions (other than stealing an image).

 

* Save Page -- most browsers can do this, not just IE5. And yes, any images on the page will be saved, for the leisurely inspection by the thief.

 

* Direct Link -- can be stopped by "hotlink protection" in your .htaccess file, if you don't include the browser "command line" in the whitelist of allowed sites.

 

* Go Fishing Through The Browser Cache -- if the image is displayed on your browser, it's available in the cache. Most browsers disguise the file name anyway, but eventually a determined thief can find the desired file. You may be able to send "HTTP headers" to mark an image as not-to-be-cached, but I've never tried it (and no guarantee that a browser will honor such a request -- a determined thief could use an open source browser hacked to ignore such things!). In any case, osC would have to be modified to send the appropriate headers.

 

* Screen Capture/PrintScr -- likely to include the rest of the window, browser buttons, text, etc., but may work adequately.

 

Some of the methods commonly used to protect images include

 

* Watermarking -- basically you make your image too ugly to appeal to a thief. At the least, it's free advertising for your site, should the image be stolen anyway. Be careful that the watermark information is 1) not in an area where it could be easily painted or cropped out in Photoshop/GIMP, 2) doesn't obscure something the buyer needs to see, 3) isn't in such a "busy" area that the watermark itself is unreadable, 4) isn't in a separate layer that can be easily discarded in Photoshop/GIMP (layers are squeezed down to one). For 1, 2, and 3, I would suggest manually editing the image to insert a watermark, rather than relying on automatic software.

 

Watermarking can be done on your PC with a photo editor such as Photoshop or GIMP. It can also be done automatically once on upload to your site, or on the first display of the image, by the appropriate software. Only an idiot would write watermarking code that builds a new image each time it's displayed! It should only need to be done once. You store the clean versions of your images on your PC, or elsewhere on your site, and just have watermarked images in the store. It's up to you whether you want to watermark thumbnails too, or just the full size "good" images.

 

* Slicing The Image -- an image is sliced and diced with a photo editor or utility into small blocks and strips, which are reassembled on the fly for display, either by a static layout or in Javascript. Note that this will not prevent theft... it just makes getting the full image back too annoying for most thieves to want to deal with. osC is built to handle a single image for each product (there are multiple image add-ons), so it would have to be modified to reassemble a sliced and diced image.

 

* Use Other Display Formats -- you might use Flash, Shockwave, or some repeating movie format to present an image. Again, the thief will be able to grab the file, and with the right software, possibly extract your image, but it will be too much work for many thieves to deal with. Also, osC doesn't natively display such formats for products, so some code changes would be in order.

 

* Background Image With Transparent Top Image -- while this will foil a Right-Click smash and grab, saving the entire page or going into the cache should provide the full image for the thief. Once again, osC would have to be modified.

 

I don't know about "encrypting" an image -- assuming the image is downloaded in an encrypted form, something on your site (Java applet or Javascript code) would have to decode the image on the fly, yet keep it out of the browser cache. Something would also have to be done to keep a thief from looking at the Java applet or Javascript code that does the decoding. Presumably, the key would change with each time an image is sent. Maybe it can be done, but I have no experience with it. Encrypting the file name doesn't sound terribly useful, if the plain image is sitting there in the browser cache. Don't confuse encryption with "steganography", which is the concealment of information (such as a copyright statement) within the image data itself. It would not prevent theft, but could be used in court to prove that you are the owner.

Link to comment
Share on other sites

The link you give up top has some good ideas. Note that they're wrong about one thing: it's Javascript, not Java. Java is something completely different.

 

* Right Click Disable -- this will stop only the most naive thieves. Everyone else knows that all you have to do is turn off Javascript in the browser and this "protection" will disappear. I wouldn't bother. It also annoys people who right-click for other functions (other than stealing an image).

 

(...)

 

Encrypting the file name doesn't sound terribly useful, if the plain image is sitting there in the browser cache. Don't confuse encryption with "steganography", which is the concealment of information (such as a copyright statement) within the image data itself. It would not prevent theft, but could be used in court to prove that you are the owner.

 

Very interesting observations Mr.Phill thank you for sharing this information. Regarding the solutions you have mentioned, i think Oscthumb is trying to address the most im sure, although is has some semantic bugs which slow so much oscwebsites.

 

On another related issue, there are some who conceal and encrypt the source code of their webpages, normally using JS or other third party software, if you google it you will find many related forums and some of them actually funny, but from the information i gathered, normally good programmers and webmasters, support this statement:

"The quality and importance of a webpage source code, varies in the inverse proportion of its author willing to encrypt/conceal." And besides there are no 100% foolproof systems, and the more you encrypt, the less your pages get indexed, so... if the browser can read it there are always forms to read it also and that is normal.

 

So if anyone knows any nice addon that can sort some of these recurrent issues with oscommerce, any suggestions are appreciated greatly.

 

Thanks

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...