How To Protect Your Website From Pirates, And Other Ill Intentioned Souls

Est. Reading Time: 4 minutes

Ahoy ye land lubbers,

This fine day I been requested to come discuss the issues of pirates and other ill motivated visitors to yer websites. Who better, what with me bein’ one of them very rougish gents meself. I’ll be telling ye how to keep villans from cloggin’ up yer data with falsified form submissions, how to be protectin’ yerself from those fishers what ought keep to their scaley prey, and how to protect yer own work from dreaded pirates out to steal yer clever codes.

First, the forms. Many are those what would use enchanted devices called “bots” to search yer site for forms and enter dirty inputs to test yer site’s defenses. Now before ye run out the long guns and enter in a lengthy, and costly battle, consider the oldest, and noblest of pirate traditions: run away from the fight, or in this case, hide. By adding a captcha to yer form, ye’ll be makin’ yerself invisible-like to the bots, who won’t be able to poke and prod at yer defenses because they won’t be able to submit the form. Adding a captcha is easy and I even recommend the one found here: Not only will ye be saving yer site from the dreadful bots, but ye’ll be helping decipher and digitize books at the same time. Recaptcha also comes with easy to use plugins for wordpress and other php based sites.

Nextly, we have those devious bilge rats what be doin’ their pirating the honest way. BY HAND! These pirates will only be slowed down by the captcha, but not stopped. For them a more elegant solution be required. Input serialization and strict regular expressions determinin’ what characters be allowed or not on yer inputs (all implemented on yer server of course for security) be necessary to ensure these manual attempts to infiltrate yer systems always crash upon the rocks afore reaching yer pristine beaches. This be a tad more complex than yer captcha implementations and should always be done by a professional pirate hunter. Regular expressions can be done easily with .net validation controls, and serialization should always be done to all fields being sent to the database, lest ye wind up with yer data being made public.

Finally, we come to the true pirates of the age. Those wishin’ to steal yer intellectual properties. Some properties, like designs are impossible of protectin, but others, like logic, be much easier to holdin’ onto. Before releasing yer site upon the world, always be makin sure ye’re protected yer script logic either by minifyin’ it, or by even obfuscatin’ it. Minifyin’ yer script will be removin’ all extra white spaces, and shortening all yer variable and function names down to one or two characters. This be havin the effect of givin’ yer code a smaller footprint which will speed up yer site, and also hiding away the ease of readin’ what might otherwise give clues as to the script’s purpose. A good minifier be found in these waters: A more better way might even be to obfuscate yer code. This be similar to minifyin’ in that it reduces yer code’s footprint, but it also be changin’ the script ye provide to be one what is minified and then produced an equally minified script on execution that be functionin’ like the original. There be a tradeoff here though, in that yer script won’t be runnin’ until the script what be creatin’ yer script be executin’. One of them obfuscators can be found here:

So now ye know how to protect yerself and yer data from the merciless and cruelest of threats aboundin’ these waters, liars, theives, and pirates. Now ye can be sailin’ without fear, knowin’ that yer defenses be capable of cuttin’ down all those that’d be meanin’ ye harm.


Captain Vine