SitePoint Sponsor

User Tag List

Results 1 to 5 of 5
  1. #1
    SitePoint Member
    Join Date
    May 2005
    Posts
    6
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Question How do I protect my ASP code when distributing?

    I have a small ASP application that has no OCXs (so there is nothing for the users to download, etc) and no DLLs (so nothing to register).
    Currently, I only allow prospects to demo it online through my server and then they get the files (source code) when they purchase it.

    What I would like to be able to do is allow them to trial it on their servers for a limited period, but I don't know how to protect my code from being seen, used (if they don't pay) or copied?

    Can you please suggest the possible ways of doing this?
    I know that you can copy functions into a compiled DLL and then protect the DLL, but then I would have to run an install program to register the DLL, correct?

    Thanks in advance

  2. #2
    Original Gangster silver trophy Thing's Avatar
    Join Date
    Oct 2000
    Location
    Philadelphia, PA
    Posts
    4,708
    Mentioned
    1 Post(s)
    Tagged
    0 Thread(s)
    You could convert your code into a component in VB. The only drawback is the user would have to register the component on their server, and most shared hosting companies will not do this for them.

    You could tie in some fancy date/password checking, but any advanced user would be able to crack it.

  3. #3
    Guru Bullschmidt's Avatar
    Join Date
    Apr 2002
    Location
    USA
    Posts
    524
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Or this could help a little by removing comments and making all lines of code start at the far left:

    PCbit
    http://www.pcbit.com
    Advanced HTML Optimizer
    J. Paul Schmidt
    www.Bullschmidt.com - Freelance Web and Database Developer
    www.Bullschmidt.com/DevTip.asp - Classic ASP Design Tips

  4. #4
    ALT.NET - because we need it silver trophybronze trophy dhtmlgod's Avatar
    Join Date
    Jul 2001
    Location
    Scotland
    Posts
    4,836
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

  5. #5
    The doctor is in... silver trophy MarcusJT's Avatar
    Join Date
    Jan 2002
    Location
    London
    Posts
    3,509
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    How do I protect my ASP code when distributing?
    Unfortunately, the short answer is that you can't.

    • The code produced by the Microsoft Script Encoder (linked to by DHTMLGod above) is easily reversed (Google it)
    • Compiling the bulk of the code into an ActiveX/COM control still requires ASP pages to call & manipulate the component. This also makes the installation of the application (and applying updates) far more complex for the end user, and most decent commercial hosting services won't let you install the COM anyway, so you're severely limiting your market.
    • Other obfuscation techniques suffer from the same problems as the Microsoft Script Encoder, because ultimately the ASP script host must be able to decode and execute the code, and if *it* can do it, so can someone wanting to play with your code. I'm not saying that you can't make it *hard* for someone to understand (obfuscation is worth doing anyway), but you can't make it *impossible*, which is what you're asking about.
    • Adding code which "phones home" (i.e. via an XMLHTTP call) is possible but also flawed, since if the code can be read, it can be edited and/or removed.


    Ok, I think I've covered all the bases... but even if there are more, it's still the same answer, it's not possible, so you will just have to trust your customers.

    Finally, I suggest that your best approach is the simplest - price your product competitively (or cheaper), and your customers will have little incentive to cheat you. Don't forget that the innate knowledge of the application that you have in your head has value in itself, which could be capitalised upon by charging for individual support requests.
    MarcusJT
    - former ASP web developer / former SPF "ASP Guru"
    - *very* old blog with some useful ASP code

    - Please think, Google, and search these forums before posting!


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •