Javascript Block Source Code Inspection

Javascript Block Source Code Inspection

You may not want users to look at your html, css, or javascript codes. Hence you are here at this page.

You should take not however that, as html/css/javascript is rendered on the client-side, there is no complete way of blocking the user from viewing your code. You can, however, block out the newbies who are attempting this (which would probably account for over 90% of them). Also, know that blocking source code inspection may mean that your site is less user-friendly and may end up irritating legitimate users.

I have prepared a jsfiddle should you wish to test the code. Now, onto the actual code …

Blocking Right Clicks

To block a specific element (and its children) from being right clickable,

// block a specific element (and all its children) from being right-clicked
// use it like so : disable_rightclick("container_id");
function disable_rightclick(element_id)
{
    var elem = document.getElementById(element_id);
    elem.oncontextmenu = function() {return false;};
}

To block the entire page from being right clickable,

document.oncontextmenu = function() {return false;};

 

Blocking Hotkeys

The commonly used hotkeys for source code inspections are

  • Right Click -> Inspect Element (Hotkey: CTRL + SHIFT + I)
  • Right Click -> View Page Source (Hotkey: CTRL + U)

To block the above hotkeys, put the following codes on your page

document.onkeydown = function(e) {
    if(e.keyCode == 123) {
        return false;
    }
    if(e.ctrlKey && e.shiftKey && e.keyCode == 'I'.charCodeAt(0)){
        return false;
    }
    if(e.ctrlKey && e.shiftKey && e.keyCode == 'J'.charCodeAt(0)){
        return false;
    }
    if(e.ctrlKey && e.keyCode == 'U'.charCodeAt(0)){
        return false;
    }

    if(e.ctrlKey && e.shiftKey && e.keyCode == 'C'.charCodeAt(0)){
        return false;
    }      
}

CONCLUSION

Hopefully with these, you are able to block off users will ill-intent. Do remember that you will be sacrificing usability for security and you should determine for yourself if the trade-off is worth it or not.

Enjoyed the content ? Share it with your friends !

C# How to compile ConfuserEx

C# How to compile ConfuserEx

ConfuserEx is an open-source, free protector for .NET applications. The product itself is great, but the code and internals are even greater – it allows us to learn how it works and study them. So for anyone who is interested in the nitty-gritty, technical aspect of how obfuscators work, ConfuserEx is a great source to learn from.

For programmers who are relatively new, chances are that you will come into problems when trying to compile open-source projects with a larger codebase. This is because these projects (such as ConfuserEx) will rely on various modules and dependencies that you may not have.

How To Compile

First, ensure that you have these installed

  1. Visual Studio 2017 (Download Here)
  2. .NET Core 2.1 or later (Download Here)

Second, download the latest ConfuserEx solution from their github

Third, extract it to wherever you want to. After extraction, check to ensure that the dnlib folder is not empty (mine was when I tried). If it is empty, go to ConfuserEx github and download the folder manually (not the entire solution). The folder name should be dnlib @ <snipped hash> .Then, copy the dnlib solution into the empty dnlib folder

Fourth, open up the solution file that is named Confuser2.sln

Fifth, enter CTRL+SHIFT+B to build the solution. Hopefully everything goes well and it compiles, if it doesn’t, let me know in the comments below and I will see how I can help you.

 

 

 

Enjoyed the content ? Share it with your friends !

PHP WordPress Remove Paragraph and Line Break Tags

PHP WordPress Remove Paragraph and Line Break Tags

I find myself needing to remove the paragraph and line break tags that are automatically added into the post or category description quite often. So here is how it can be done

For Categories or Custom Taxonomies

add_filter( 'term_description', 'do_shortcode' ); /*Enable shortcode for term_description (incl. category/other taxonomy)*/
add_filter( 'term_description', 'shortcode_unautop' ); /*Don’t auto-p wrap shortcodes that stand alone*/
add_filter( 'term_description', 'wpautop' , 100); /*Remove line breaks from term_description by pushing priority to the end. Alternatively, you can remove the filter entirely*/
remove_filter('term_description', 'wpautop'); /*Remove line break filter completely*/

For Posts

add_filter( 'the_content', 'do_shortcode' ); /*Enable shortcode for term_description (incl. category/other taxonomy)*/
add_filter( 'the_content', 'shortcode_unautop' ); /*Don’t auto-p wrap shortcodes that stand alone*/
add_filter( 'the_content', 'wpautop' , 100); /*Remove line breaks from term_description by pushing priority to the end. Alternatively, you can remove the filter entirely*/
remove_filter('the_content', 'wpautop'); /*Remove line break filter completely*/

 

Enjoyed the content ? Share it with your friends !

Linux Check SSH Login Attempts To Server

Linux Check SSH Login Attempts To Server

For CentOS or RHEL distros, the login attempts are stored at /var/log/secure

For Ubuntu, the login attempts are stored at /var/log/auth.log

Sample Commands (based on CentOS)

To read the file, simply run the command cat /var/log/secure

If your ssh allows for normal password authentication, you can check for failed login attempts by running the command cat /var/log/secure | grep "Failed password"

If your ssh allows for key-based login, you can check for failed login attempts by running the command cat /var/log/secure | grep -i Invalid

 

 

 

Enjoyed the content ? Share it with your friends !

Linux Server Setting Up SSH Key Login In Windows Client

Linux Server Setting Up SSH Key Login In Windows Client

In this tutorial, I will be going through how to manually set up a SSH Key Login for your Linux servers. The commands for this tutorial will be based on CentOS 7, but can be easily applied to other distributions.

There will be three parts to this tutorial :

  1. Generating your SSH Key (Public & Private Key) with puttygen
  2. Setting up SSH Key Login on your Linux server
  3. Logging in using SSH Key with putty

If you already have a public & private key, you may skip over to part 2 of the tutorial.

Generating your SSH Key with puttygen
  1. Ensure you have putty installed (puttygen comes along with it). Otherwise, download here
  2. After you have installed it, run puttygen.exe and a window as shown below will appear

    puttygen-homepage-window
    puttygen-homepage-window
  3. Click on the ‘generate’ button as shown below

    puttygen-step1-window
    puttygen-step1-window
  4. Move your cursor within the blank area of the window as instructed in the program

    puttygen-step2-window
    puttygen-step2-window
  5. After you finished moving your mouse, you will be shown this screen

    puttygen-step2-window1
    puttygen-step2-window1
  6. Enter your password

    puttygen-step3-window
    puttygen-step3-window
  7. Save or export your public and private key to a secure folder.
    puttygen-step4-window
    puttygen-step4-window
    1. If you ever need to see your keys again, you can load the file into putty to see it.
    2. YOUR PRIVATE KEY MUST BE KEPT A SECRET AT ALL COSTS !
  8. Copy your public key (right click the textarea -> select all -> ctrl+c)

    puttygen-step5-window
    puttygen-step5-window
Setting up SSH Key Login on your Linux server
    1. SSH into your Linux with putty (its recommended not to use root, but another user)
    2. Create a SSH folder if it does not exist yet
      1. Create SSH directory : mkdir ~/.ssh
      2. Create authorized_keys file : touch ~/.ssh/authorized_keys
      3. Change ssh folder permissions : chmod 0700 ~/.ssh
      4. Change authorized_keys file permission : chmod 0644 ~/.ssh/authorized_keys
    3. Create an entry in authorized_keys file
      1.  Edit authorized_keys file : vi ~/.ssh/authorized_keys
      2. Press the INSERT key to swap to edit mode (previously read-only)
      3. Right click anywhere in your putty window and it should paste the public key you copied earlier
      4. Save the file by entering the following
        1. Press ESC key
        2. Type ‘:wq’ (without quotes)
        3. Press ENTER key
    4. Now we should disable normal password based authentication
      1. Edit /etc/ssh/sshd_config : vi /etc/ssh/sshd_config
            1. Scroll down till you see the following line
              PasswordAuthentication Yes
            2. Press the INSERT key to enable editing mode
            3. Change the ‘Yes’ to ‘No’, so it should ultimately look like the image shown below

              puttygen-disable_password_authentication-1
              puttygen-disable_password_authentication-1
            4. Save the file by entering the following
              1. Press ESC key
              2. Type ‘:wq’ (without quotes)
              3. Press ENTER key
          1. Restart your SSH service : service sshd restart
Logging in using SSH Key with putty
  1. Open up putty.exe
  2. Fill in your hostname and port

    putty-sshlogin-step1
    putty-sshlogin-step1
  3. Browse to Auth section / configuration

    putty-sshlogin-step2
    putty-sshlogin-step2
  4. Load your private key

    putty-sshlogin-step3
    putty-sshlogin-step3
  5. Go back to Session section and open the connection

    putty-sshlogin-step4
    putty-sshlogin-step4
  6. Enter whoever you wish to login

    putty-sshlogin-step5
    putty-sshlogin-step5
  7. Enter your password

    putty-sshlogin-step6
    putty-sshlogin-step6
  8. Congratulations, you are logged in ! (assuming your passphrase was right)
CONCLUSION

Using SSH Key as your authentication method is more secure, as it is a double-layer authentication (your private key, and your password/passphrase). It is not that hard to setup, and once you familiarized yourself with it, it becomes second nature to do so.

Enjoyed the content ? Share it with your friends !