[FREE TOOL] Protect your landing pages (28)
If your business relies heavily on ripping landing pages, then you're going to hate this. But if you develop or pay people to develop unique landing pages, then you're going to love this.
I just finished developing a free tool you can use to lock your landing pages to only work on your domain. Here it is: JSLock.it
Interested to hear what you guys think. Its very possible there could be bugs still, as it's brand new, but I have tested it to work on a variety of different domain types, as well as browser compatibility. If you think it breaks your page, please kindly let me know and I'll fix it ASAP.
You don't need to have any javascript on your landing page to use this. Conversely, if you do use javascript on your landing page, then this tool will be even better (since its not the only script on the page, it will be harder to find and remove if you blend it in with your other scripts).
Here's an example of how it works:
Your main domain is my-site.com. You generate the lock code and add it to my-site.com/epic-lander.html. Lazy affiliate downloads your my-site.com/epic-lander.html LP, and uploads it to his-site.com/stolen-lander.html, and he sees a broken page with nothing on it instead of what he originally downloaded.
No domain-lock is going to be foolproof obviously, but it will definitely reduce the frequency at which your landing page is easily ripped. If you appreciate this tool, hit the thanks button to let me know.
UPDATE: bbrock32 asked about the effect this script will have on page speed, so I did some tests and got some very surprising results. Somehow, using the javascript lock code actually made the page faster. I won't claim to have any understanding of why that is happening, but I'm not complaining. Here are some screenshots of the tests I did, notice the size of the page goes up, yet the load time goes down. Somehow the two seem to be negatively correlated, which is the opposite of what you would expect.
I did the test on jslock.it, here is the pingdom speed test before I added the javascript lock.
Here is the result after adding the javascript lock, notice the page size has increased slightly.
And I tested it one more time without the code to confirm
As a suggestion to expand the functionality.
Could you put a script that you host on your domain, and then reports back to you when another domain is trying to access it?
So you include the innocuous 'statcounter.js' script on your page as an absolute link. So it would be "www.domain.com/scripts/statcounter.js"
On the back end, you look for requests of statcounter.js that do not originate from your domain. Then it's a simple matter of filing a cease and desist / DMCA takedown with the new page owner.
Very cool, thank you 
Can you describe how it's locking it, without going into too much detail?
I'm not a programmer, so wouldn't understand the jargon.
Also, in what instances will this not work, or could potentially crap out?
leonidas32 - if the domain the script is being executed on (your LP) doesn't match the domain you entered when you generated the code, then the script will kill the page, or worst case, stop any further javascript from executing; that's about as simple as I can put it. It is intended to work on any web-page, I don't anticipate any instances of "potential crap out" unless it is not implemented properly. I have meticulously tested it, and tried to break it myself, and I have succeeded to break it once on a very bizarre case, which I fixed before release with an extra backup kill method. Add it to your page like you would a google analytics code, and it should work fine.
jennatalia - That is an interesting idea, but I think it comes with implications that would prevent a lot of people from using it. For such an event to occur, the script would need to report to a database that I administer. If that is true, then I would have access to a lot more than people would want (their scripts, resources, etc), given that I would presumably create the statcounter.js script (unless I am misunderstanding your suggestion). The only other alternative to avoid that would be for the user to host the database, and have statcounter.js report to their own database when someone uses their LP, but not everyone knows how (or wants) to endure the process of what that entails. I tried to design this tool so that it is a cut-and-paste solution, so you don't need to know the technical aspects of a database, while having no risk of the lock code taking their website information.
If you are just having people reference your script, I agree my suggestion wouldn't work too well.
If the script were to be something unzipped and loaded onto the server hosting the landing page, I would imagine an email would be sent to the original landing page owner alerting them to a potential theft. No database required.
As for statcounter.js, that is merely a suggested name change for JSLock.it so its not immediately obvious that the page has security features.
jennatalia - that's a cool idea that I will consider as an advanced option in the future. If I see that there is a big enough interest in this type of service as it stands currently, then I'll definitely be adding advanced features like this in the future developments.
What if they simply erase the javascript?
vidivo - well then the lock is removed of course. The point is, that most people ripping landers cannot distinguish the lock code from the other code on the page, and a lot of people won't even try. If you look at the code the tool produces, it's highly disguised for that reason. It is not evident what the code does, the variable names are never the same, and they are meant to confuse anyone trying to understand the code. Ideally you would place it with other JavaScript to blend in. See the FAQ page on the site, I talk more on this there.
awesome effort man.. But yeah, this will only stop an idiot copier.... who the hell doesn't remove or check all JavaScript before copying and deploying
I would definitely suggest changing the style to hide the entire page, or at least screw it up if the javascript is removed. That way a typical noob that is a bit more experienced will keep it there since it broke the page, and also Id suggest implementing something like transferring 20 percent of the traffic to your custom link :P
If you can do all that in one website like yours I would be a daily user
karim0028 - I think you should at least give it a chance. Have you looked at the code it produces? It is not evident what it does, so if for example, you added it to the JavaScript that these "rules" landers everyone's running for example, then if they don't know JavaScript, they won't know which pieces to remove without breaking the landing page functionality.
ok, can u explain how it works in more detail? is it absolutely necessary to have present for either JS to work? I'll tell u how I look at JS on a page....
I will comment out every file of JS one by one and test the lander... if it still works, I'll remove the JS completely.. if it doesn't work, I'll replace all common files with the URL for a cdn copy of the file
Vidivo - it does hide the entire page, is it not doing this for you? As for the other idea you mentioned, that would be impossible. One way you could get close to doing that is to have the JavaScript produce the entire HTML contents, but when someone downloads the pages, the HTML will come out rendered normally so what you're suggesting is simply impossible as far as I can see.
Karim0028 - I'm not sure I understand what you're asking? I explained what it does in other posts on this page, and also you can check out the help, about, and FAQ pages on the website. I spent a good amount of time explaining things in depth there, it will probably answer your question.
karim0028 - and if you used your "line-by-line" approach on a landing page with the domain lock, you would not be able to get it to work... It's not that easy to remove, for precisely that reason
Pretty cool tool similar to the late LP Lockdown, wonder whatever happened to that... Anyway thanks for sharing
That's a pretty good idea to keep noobs away.
However for everyone reading this, there is no way to protect 100% pages if someone technical sets their mind to rip them.
On another note, did you notice any difference in page load speed after adding the script?
bbrock32 - page speed was one of my primary concerns when I was making the tool, I have not noticed any difference in page speed from the lock code. If there is any difference, were talking about several milliseconds. Feel free to test this for yourself though if u want, would be interested to hear the results. I'm kind of curious now, maybe I'll do some tests myself and let u guys know what I find
UPDATE - I tested the speed and posted results at the top on the original post.
Cool tool, but I entered in my domain and got an error :/
Looks cool thanks Can you use this via CDN? I use Amazon and when lock my domain, the Amazon link doesn't display. If I try to enter my Amazon domain link then it doesn't accept is as a valid domain. Am I missing something here?
Looks like the domain is not working anymore. Does anyone still have this script, or can recommend an other one?
Thanks!
I'm also interested!
Sent from my SM-G9550 using Tapatalk
Originally Posted by bennimen
I plan to use @voluum script. Most other trackers have similar functions.
https://doc.Voluum.com/en/lander_protection_script.html
Thanks for the reply man!
Doesn't help for those using Amazon's S3 and those that use static pages.
Sent from my SM-G9550 using Tapatalk
Hmm, I bet a similar script could be written for other trackers. I'd imagine that you could even apply
Sent from Maui using Tapatalk
Originally Posted by bennimen
Most trackers have a protection script (see below), which almost all the time works the same:
- create a hash based on the user agent and the timestamp, encrypted with a key. Binom / Redtrack / Voluum use almost the same script with md5 encryption, while peerclick uses an other encryption method
- pass it as a parameter to the landing page
Then:
- either you put a server side script that read the URL parameter, make the check and block/redirect the page, or serve the page
- or you put a JS script at the top of your page that block rendering / redirect if needed
The disadvantages of JS:
- it can be desactivated
- the key to encrypt/decrypt is visible in the code
- slow down the page rendering
- not compatible with all browsers (at least @voluum code that uses module.exports for their md5, which is not compatible with IE and some Edge versions. Maybe they corrected since then)
Binom
https://docs.binom.org/lp-protect.php
Redtrack
https://redtrack.zendesk.com/hc/en-u...ct-LP-Protect-
Peerclick
https://help.peerclick.com/docs/landing-page-protection
This said, don't bother coding one unless you have a good reason to do so. Ask your tracker support to provide it.
Home > Programming, Servers & Scripts >