itssami 0 Report post Posted April 29, 2006 i want to include a css file in a webpage , but i want to to keep it somewhere where people can not access it.for example ,if i keep a css file in, domain.com/somefolder/cssfile.css , then anyone can access it.. because in page dource there is that css file url.. i want that even when someone save the page , he can not have access to my css file.. is it possible ?? thanks Share this post Link to post Share on other sites
Inspiron 0 Report post Posted April 29, 2006 You cannot keep it somewhere where people cannot access the stylesheet. The html file you've coded have linked to the stylesheet. Hence whenever your visitor visits your site, the stylesheet is also downloaded together with the html file, images, sounds etc. The alternative to protect your stylesheet is to encrypt it in such a way only your html is able to understand. Humans, like us, will not be able to understand the stylesheet codings even if they've got the exact stylesheet file. A little search on google gave a nice software that is able to encrypt your stylesheets as well as your html files and javascripts. http://www.htmlguardian.org/help_main.html As stated on the webpage, nearly 90% of the webmasters who want to encrypt html code, protect ASP, Javscript, VBScript, PHP files or style sheets, hide html source from thieves, need extremely secure html password protection or an enhanced image protection use HTML Guardian. Fortunately there's a fully functional free Personal Edition for download and use. You may like to try that out. Share this post Link to post Share on other sites
farsiscript 0 Report post Posted May 2, 2006 (edited) You can use HotLink Protection for your style and css filesi use HotLink Protection for my images in my siteyou can find HotLink Protection in cpanel HotLink Protection is in Cpanel , at first login in cpanel and click at Leech Protect , then type your style or css or image url . thants alllook at note of HotLink Protection :: HotLink protection prevents other websites from directly linking to files (as specified below) on your website. Other sites will still be able to link to any file type that you don't specify below (ie. html files). An example of hotlinking would be using a <img> tag to display an image from your site from somewhere else on the net. The end result is that the other site is stealing your bandwidth. You should ensure that all sites that you wish to allow direct links from are in the list below. This system attempts add all sites it knows you own to the list, however you may need to add others. Edited May 2, 2006 by farsiscript (see edit history) Share this post Link to post Share on other sites
jlhaslip 4 Report post Posted May 2, 2006 Hotlink protection will only stop others from accessing the file from another server or another Domain. The way Hotlinking works is to stop others from using the file from your account on your server to style their page on their site. Or from using your Bandwidth to display an image from your account on their page.As Inspiron pointed out, the css file must be accessible to be sent along with the html, so Hotlink protection will not be good in this instance. And I believe that if you move the css file above the public_html folder, it would not be served with the pages, either, leaving the encryption method as the correct alternative.On the other hand, what's the big deal about letting others see you css? Are there State secrets stored in there? Matters of National Security? Letting people see the css file is not a big deal. Share this post Link to post Share on other sites
WindAndWater 0 Report post Posted May 2, 2006 Since hotlinking is already mentioned the manual (and slightly cleaner) way to do it is to add the following to your .htaccess file: RewriteEngine onRewriteCond %{HTTP_REFERER} !^http(s)?://(www\.)?yourdomain.com [NC]RewriteRule \.css$ - [NC,F,L]If someone tries to navigate directly to your .css file it'll send them to the 403 forbidden page instead.However, there are two problems with this approach. 1) It's very easy to fake the referer, and so it's quite easy to circumvent. 2) The .css files are downloaded to and interpreted on the user's local computer like .html files. That means that each and every person who looks at your html page will have your css page on their computer, at least for a little. However, both of these workarounds probably won't occur to the average user, so you can still block most people from seeing it. Share this post Link to post Share on other sites
Tyssen 0 Report post Posted May 3, 2006 Why do you want to hide your CSS anyway? It's highly unlikely you're going to be doing anything that no-one else has done before. Share this post Link to post Share on other sites