[Solved] Protect css file with PHP

[TheDoc]

Compressing your CSS and Encrypting your HTML can help. Though, I wouldn’t encrypt your HTML when you go out of beta.

http://www.iwebtool.com/html_encrypter
http://www.catswhocode.com/blog/3-ways-to-compress-css-files-using-php
http://refresh-sf.com/yui/

Another link:

http://www.n1studios.net/tutorials/php/css-file-protection.html

[coffeendonut]

@TheDoc i dont want to Encrypt and that applies for compression to… and the n1studios one the .htaccess file is messed up so i couldn’t apply it long time ago… anything else…? not trying to be rude or something but wat i really want is ” if someone navigate’s directly to the file they will get an error”… either with .htaccess or php is all i need. thanks in advance. ;)

[Rob MacKay]

I think the thing we are failing to understand is why it matters – the problem is that if you make it so people can not go directly to your CSS file, they can just pull it straight from something else, like firebug – copy and paste. There is no way to hide the contents of that file, so why try? it’s like worrying about plugging the small hole in your boat and ignoring the iceberg that just ripped the side of your hull open :)

[coffeendonut]

You just had to kill it huh! lol alright i guess i just gonna have to live with it even tho i found a way to do it but it could be view with fire bug etc… Thanks @All of you for your time… an no code

[Rob MacKay]

Sorry @coffeendonut :(

[Chris Coyier]

People are just trying to say you should be spending your time building an awesome website rather than spending it trying to lock things down. It’s paranoid behavior and counter productive. If you really want to lock your design down, make your whole website a giant watermarked graphic. Or just put a phone number up people can call and you can describe to them what the website looks like.

[jamygolden]

You know what you could also do…

You could make your website partially rely on javascript. Then have the javascript check if the url contains something unique to your url (not based on the exact url because a noob could see that he/she should replace that url with their url). If so then the javascript adds/removes certain elements.
Or set the display of the body to none and have javascript change it to ‘display: block’ based on the url.

Cons:
This ‘solution’ could be easily bypassed by someone who knows anything about javascript.
Your website won’t function properly if javascript is disabled.

[lhoezee]

Sorry for making a comment on a very old thread.

I just wanted to point out a reason I had to secure my CSS files.

Basically, in a nutshell I had a group in Egypt which created a phishing site of one of my client’s sites. They were dumb enough or simply too lazy to copy and paste my CSS styles, so in stead they linked directly to my CSS files.

So I simply changed the path of my application to look at a new path and changed the styles they were using to have:

body:before {

content: 'This website is a scam!';

}



body {

display: none;

}

Then to stop them from doing it again, I used PHP to generate my styles and used the $_SERVER against a static array of domains I setup in the file.

You can see the rest of the article and code here:
http://www.thecodify.com/php/how-to-secure-and-block-others-from-using-and-viewing-your-css-styles/

Notice at the bottom I mention firebug and javascript.

Just as most of the guys on here say, it’s really not a major thing, however in my case I had to do something about it and quick! I was just lucky they were trying to access my CSS directly.

[Author]

Posts