How do you stop Website content theft?
Sun Feb 20, 2005 1:16 am
How do you stop Website content theft?
Can some of you please tell me how do you make it impossable for someone to right-click and "save as". I have struck this feature on a number of sites and wonder how they do it. My concern is both with text and images.
I post a lot of other peoples' images on our site (with permission of course!) and would like to be able to offer that little extra protection that it will not be pirated for commercial use.
Thanks Martin
Can some of you please tell me how do you make it impossable for someone to right-click and "save as". I have struck this feature on a number of sites and wonder how they do it. My concern is both with text and images.
I post a lot of other peoples' images on our site (with permission of course!) and would like to be able to offer that little extra protection that it will not be pirated for commercial use.
Thanks Martin
Sun Feb 20, 2005 2:14 am
You could add some JavaScript to your pages that disable right-clicking, but in reality that won't really get you anywhere. All any such methods will do is to stop the casual user from saving the image to their hard drive, since anything the browser can view needs to be accessable and can be easily downloaded. The sad truth is, the only sure way to prevent content theft is not to have any content.
Sun Feb 20, 2005 2:58 am
Thank you both for taking time to reply, much appreciated.
Martin
Martin
Sun Feb 20, 2005 10:02 am
I always suggest using low-res images, there use is very limited. I do work for Gladstone Media, Golden Age Desk Calendar, and we came across a website recently who had scanned the pages of the calendar and posted them on his site. He did post my name as the copyright but he did not ask Gladstone or myself for permission. This really bugs me. I have no problem with people downloading my images as long as they do not try to make money off them or distribute them. I have always felt if you post them then expect it to happen.
Eric
Eric
Sun Feb 20, 2005 12:38 pm
CAF Corsair wrote:Martin,
If you are prepared to part with some cash, there are some good website protection programmes available to purchase.
It has to be said that a fool and his money are easily parted.
If I can see it on my screen I can copy it. Don't waste your money. If you don't want people to print it, or save a copy to their own drive for future use, then don't publish it in the first place.
Sun Feb 20, 2005 2:48 pm
Hi Martin!
Jumping through a bunch of hoops and spending money isn't going to seriously stop anyone who wants the content/pictures. Eric's advice is right on. Low res and watermarked pictures are your best defence against having the pictures reposted elsewhere. That being said, I have a few suggestions to protect your site from the most obvious types of automations and "theft".
These depend on the level of control you have over the site. They are useful if you have complete control over the site and the server it sits on, webserver and serverserver.
On the first one, There's a question you need to answer for yourself. Is this a "Public" website? I mean is it a place you want, or are trying to drive unknown users to? Or is it mostly "Private", meaning you're going to distrube a link to friends and family (and WIX
)?
In either case, become familiar with the file, robots.txt, and how to use it. Spiders from reputable companies like google obey the instructions in the robots.txt file. If you don't care if the entire world knows about your site and it's contents, leave the file out. Google's spider will crawl your entire site and index it. Then when anyone makes a search asking for something your site is related to, you come up. That goes for images also. If you don't want that to happen, using the robots.txt file will tell the spider to leave, or most anything inbetween.
Of course, this will not stop any ol loser from telling a spider to disregard the robots.txt file. To stop the losers who crawl anonymously without regard for owners wishes, require a log in. This will make a spider fail and move on.
Read your logs. Set webserver logging to very-very-verbose. Log everything. This should not be a problem for you, size wise, unless your site gets 10k+ hits daily. After the first couple of weeks, the log size should settle down to something expected everyday. Then you only have to read it if there is a big change in logfile size. Get a logfile analyzer, there are some good freebies available out there. This will shorten the amount of time you spend looking for something in there. Doing this will allow you to......
Block IP addresses. See anything goofy in the log, block them. This will not stop someone from using an anon-proxy and doing what they want to do anyway. Sooooo, before you set up the webserver, look up the most popular anonymous proxies first, and pre-block them.
Monitoring. If your website is hosted by a service, they usually have some kind of monitoring available. Set it to email or page you if traffic spikes beyond a certain level during a certain period of time. If you are hosting your own server, it can be monitored in the OS and the server and set to do the same thing. This will allow you to try and stop someone using something like webstripper from manually downloading your entire site. It will also alert you to any problems that are beginning to happen.
Block the inbound use of [IMG] tags. A good example of this is webshots. Try to post an [IMG] tag here, from webshots, and see what happens.
If you're running a forum also, require a log in, disable [IMG] tags in it. If you have to have [IMG] tags, require your users to have a reasonble post count before they are able to use them, 50 is a good number. Same thing for guestbooks, require a log in, ect.....
Keep your webserver patched. Keep the OS its sitting on patched. If it's an IIS website, use iislockd on the webserver, and have a good virus checker on the serverserver.
Disable directory browsing.
This seems like a lot. It's not. Most of this work is done before you come online with the site. The rest requires a few minutes a day. These will stop the most obvious forms of content theft. They are also helpful if you're paying for bandwidth by use. Some of these things you should do regardless of the content issue, it's just being a good internet citizen.
I run many corporate websites and have helped friends and family with theirs also. I've blocked entire countries and continents from some of them. It's surprising how the level of BS associated with running a website day to day goes to almost zero when you block, sayyy, the entire country of China from accessing it. Block at the POP, thats my motto.
Hope this helps a little,
Orvis
Jumping through a bunch of hoops and spending money isn't going to seriously stop anyone who wants the content/pictures. Eric's advice is right on. Low res and watermarked pictures are your best defence against having the pictures reposted elsewhere. That being said, I have a few suggestions to protect your site from the most obvious types of automations and "theft".
These depend on the level of control you have over the site. They are useful if you have complete control over the site and the server it sits on, webserver and serverserver.
On the first one, There's a question you need to answer for yourself. Is this a "Public" website? I mean is it a place you want, or are trying to drive unknown users to? Or is it mostly "Private", meaning you're going to distrube a link to friends and family (and WIX
)?
In either case, become familiar with the file, robots.txt, and how to use it. Spiders from reputable companies like google obey the instructions in the robots.txt file. If you don't care if the entire world knows about your site and it's contents, leave the file out. Google's spider will crawl your entire site and index it. Then when anyone makes a search asking for something your site is related to, you come up. That goes for images also. If you don't want that to happen, using the robots.txt file will tell the spider to leave, or most anything inbetween.
Of course, this will not stop any ol loser from telling a spider to disregard the robots.txt file. To stop the losers who crawl anonymously without regard for owners wishes, require a log in. This will make a spider fail and move on.
Read your logs. Set webserver logging to very-very-verbose. Log everything. This should not be a problem for you, size wise, unless your site gets 10k+ hits daily. After the first couple of weeks, the log size should settle down to something expected everyday. Then you only have to read it if there is a big change in logfile size. Get a logfile analyzer, there are some good freebies available out there. This will shorten the amount of time you spend looking for something in there. Doing this will allow you to......
Block IP addresses. See anything goofy in the log, block them. This will not stop someone from using an anon-proxy and doing what they want to do anyway. Sooooo, before you set up the webserver, look up the most popular anonymous proxies first, and pre-block them.
Monitoring. If your website is hosted by a service, they usually have some kind of monitoring available. Set it to email or page you if traffic spikes beyond a certain level during a certain period of time. If you are hosting your own server, it can be monitored in the OS and the server and set to do the same thing. This will allow you to try and stop someone using something like webstripper from manually downloading your entire site. It will also alert you to any problems that are beginning to happen.
Block the inbound use of [IMG] tags. A good example of this is webshots. Try to post an [IMG] tag here, from webshots, and see what happens.
If you're running a forum also, require a log in, disable [IMG] tags in it. If you have to have [IMG] tags, require your users to have a reasonble post count before they are able to use them, 50 is a good number. Same thing for guestbooks, require a log in, ect.....
Keep your webserver patched. Keep the OS its sitting on patched. If it's an IIS website, use iislockd on the webserver, and have a good virus checker on the serverserver.
Disable directory browsing.
This seems like a lot. It's not. Most of this work is done before you come online with the site. The rest requires a few minutes a day. These will stop the most obvious forms of content theft. They are also helpful if you're paying for bandwidth by use. Some of these things you should do regardless of the content issue, it's just being a good internet citizen.
I run many corporate websites and have helped friends and family with theirs also. I've blocked entire countries and continents from some of them. It's surprising how the level of BS associated with running a website day to day goes to almost zero when you block, sayyy, the entire country of China from accessing it. Block at the POP, thats my motto.
Hope this helps a little,
Orvis
Tue Feb 22, 2005 5:15 am
again thanks for the replies
Tue Feb 22, 2005 7:29 am
Hi Martin,
OP's post is excellent. If you just want to deter the very casual 'borrowers', 'watermarking' or putting a name stamp on the pic is a good idea. If you include an e-mail contact as part of that the text, then those who want to ask permission, can.
It's a minor deterrant, but will stop a lot of the lightweight borrowers...
Cheers
OP's post is excellent. If you just want to deter the very casual 'borrowers', 'watermarking' or putting a name stamp on the pic is a good idea. If you include an e-mail contact as part of that the text, then those who want to ask permission, can.
It's a minor deterrant, but will stop a lot of the lightweight borrowers...
Cheers
Wed Feb 23, 2005 6:41 am
Hi Martin
I am afraid that if it's posted it's gone - I do this for a living and trust me the post that says if I can see it on my screen it's gone is correct. I guess you just have to decide how much you really want to protect the text or images ?
Regards
John P
I am afraid that if it's posted it's gone - I do this for a living and trust me the post that says if I can see it on my screen it's gone is correct. I guess you just have to decide how much you really want to protect the text or images ?
Regards
John P