|
HTML Guardian Profiles and advanced settings - encrypt
html, hide source code using profiles
HTML Guardian's Profile Manager and Advanced Configuration
Settings window can be invoked from the Configuration menu
or by pressing the F5 key. Profiles allow you to perform different
operations ( like to encrypt html, hide source code, password protect
web pages etc.) using pre-defined sets of security options.
Here you can configure HTML Guardian Profiles and Advanced
Settings for the Code Analyzer engine, Encryption engine
and Debugging engine.
A profile is a predefined set of protection options and settings
for the Code Analyzer, Encryption, Security Auditor and Debugging engines. When you load
a profile, all settings stored in it will be automatically applied to
all files encrypted after the profile was loaded.
Profiles provide a convenient way to quickly apply a set of settings
without having to specify them for each file individually. However,
you may change each profile setting before encrypting some file.
Let's say the currently loaded profile is set to disable the text selection
- this protection option will be automatically applied to all files.
But you may uncheck the 'Disable text selection' box before encrypting
some file, and this option will not be applied to it. For the next file
you encrypt, it will be applied again.
Default settings Tab
Profiles Tab
IE 5+ Tab
Noscript Tab
Code Analyzer Engine Tab
Profiles and File Lists
Default settings Tab
In the Default settings Tab you can configure the protection options
to be used for a certain profile. You can specify different options
for html/shtml, script and frameset files. Here you can also define
the default browser for this profile, the password protection and the
referrer check.
Only one password and one referrer can be set for a given profile. Also,
only one wrong password action and only one wrong referrer action can
be defined per profile.
Profiles Tab
The Profiles Tab let's you manage your profiles.
Load selected profile button will load the profile selected in
the Available profiles list. All files encrypted afterwards will be
encrypted with the settings from this profile.
Set selected profile as default button will make the profile
selected in the Available profiles list the default one (but will not
load it).
Load blank profile button will load a profile with a minimum
set of options - files will be encrypted without any additional protection
options, and all settings for the Code Analyzer, Encryption and Debugging
engines will be set to their minimum values. This can be useful for
identifying problems - if the encrypted file does not work as expected,
you may load a blank profile and try again.
You can load a blank profile at any time by pressing the F10
shortcut key.
Unlike all other profiles, the blank profile (blank.hgp) can't be modified.
You can't store user-defined settings like a html password in
the blank profile.
Load Default profile when HTML Guardian starts - if checked,
the profile set as default will be automatically loaded when the program
starts, and all files will be encrypted with the settings from this
profile(unless you load another profile). If not checked, and you do
not load another profile, all files will be encrypted using the default
HTML Guardian settings.
To create a new profile, click the 'Create a
new profile from the current settings' button. You will have to specify
a name for the new profile, and all the settings specified in all tabs
will be saved as a new profile. To be able to use the new profile,
click the Refresh button - the new profile will appear in the Available
profiles list, and you will be able to load it or set it as a default
profile.
If you modify the currently loaded profile and save it under the same
name, you will have to load it again for the changes to become effective.
Note : Files will always be encrypted with the
settings specified in the currently loaded profile.
If you check the Load Default profile when HTML Guardian starts
box, this will load the default profile at startup, and all files will
be encrypted with the settings specified in it (unless you load another
profile).
If no profile is loaded (Load Default profile when HTML Guardian
starts box is not checked), HTML Guardian will apply its default
settings, not the settings specified in the default profile.
Note that the default HTML Guardian settings (which will be applied
if no profile is loaded) are different from the settings specified in
the blank profile (blank.hgp)
The currently loaded profile is displayed under the Available profiles
list. If you see there 'Default profile: None' - this means no profile
is currently loaded and the default HTML Guardian settings will be applied.
Press F4 to see the current values of some of the most important
settings.
IE 5+ Tab
Here you can specify some settings for the files encrypted with the
alternative encryption method (for IE 5+ only).
All these settings will have no effect for files encrypted with the
default (for All browsers) method.
Put a browser detection script in html files encrypted for IE 5+
- if this option is checked, a script for browser detection will be
inserted in all html files encrypted for IE 5+.
If a page encrypted for IE 5+ is loaded in another browser, it will
not be displayed properly ( in most cases a blank page will be displayed
) . Using this option, you may show a message to the visitor that IE
5+ is needed to view this page, to redirect him to another page etc,
depending on the script.
The script itself is stored in ie5script.txt file in HTML Guardian's
installation folder, clicking the Edit button will open this file for
editing.
The script tags must be included, i.e. the ie5script.txt should start
with <script> and end with </script>.
Note that HTML Guardian may reject the script - in such case
no error message will be displayed, the script will simply not be included
in encrypted files.
Default IE 5+ encryption method - it is recommended that you
use the Enhanced method. In case of problems with encrypted files you
may switch to the Classic method.
You may change the Default IE 5+ encryption method at any time by pressing
the F6 key (to apply the Classic method) or F7 key ( to apply the Enhanced
method ).
If you use F6 or F7, this setting will remain valid for the current
session (i.e. until you restart HTML Guardian), no matter of the setting
specified in the currently loaded profile. For example, the currently
loaded profile may be set to use the Enhanced method. If you press F6
(to switch to the Classic method), all files will be encrypted using
the Classic method afterwards - but this will not alter the profile.
Extensive debugging - in most cases there is no need to use this
option, but if the encrypted file does not work as expected, you should
turn it on. You can turn Extensive Debugging On at any time by pressing
the F8 key, or turn it Off by pressing F9.
Press F4 to see the current values of some of the most important
settings.
Noscript Tab
Files protected with HTML Guardian can only be viewed in a javascript
enabled browsers. Although 99.9 % of the browsers used these days
are javascript enabled, there is still a very small possibility someone
with a non-javascript enabled browser to visit your site - in such
case, only the content of the NOSCRIPT tag will be displayed (this
is valid for any encrypted file, not only in the cases of javascript
encryption).
You can put any valid piece of html code inside the NOSCRIPT tag ( of
course no scripts ). The NOSCRIPT tag to be inserted is stored in the
noscript.txt file in HTML Guardian's installation folder, click Edit
to modify it. NOSCRIPT tags should be included, i.e. this file should
start with <NOSCRIPT> and end with </NOSCRIPT>.
It is recommended to insert a NOSCRIPT tag in encrypted HTML formatted
emails - in some email clients javascript is disabled. In the NOSCRIPT
tag you may also include a content which you want the search engines
to see but to remain invisible to the visitors of your site.
Note that HTML Guardian may reject the NOSCRIPT tag - in such
case no error message will be displayed, the NOSCRIPT tag will simply
not be included in encrypted files.
Code Analyzer Engine Tab
Here you can define some Code Analyzer engine settings
The Heuristics Sensitivity Level setting basically defines how
deep should Code Analyzer look in your code to predict possible conflicts
and problems. For most files the recommended setting is between 50 and
60.
It is recommended to increase the Heuristics Sensitivity Level in the
following cases:
- files with complicated scripts and dhtml effects
- files which contain sample html or script code, such as tutorials
on web design etc.
- files that use document.write and similar statements to dynamically
change the page code
- files where complicated javascript functions are called when some
event fires, for example a button click - in this case the Code Analyzer
engine will try to predict what will happen with the encrypted page
if some event fires.
For simple files you may decrease the Heuristics Sensitivity Level, this will also improve encryption speed a bit.
Allow Code Analyzer to change Heuristics Level if
necessary -
there are many situations available in Code Analyzer's knowledge base
for which a certain Heuristics Level is the most suitable. If this option
is checked and such situation occurs, the Code Analyzer engine will
automatically switch to another Heuristics Level, known to handle such
situation better. This will only be done for the file currently being
encrypted, then the Heuristics Level will be restored to the value specified
in the currently loaded profile.
If this option is checked, in most cases there is no need to change
the default Heuristics Level in your profiles - the Code Analyzer will
change it if needed.
We recommend that you always use this feature.
Allow Code Analyzer to interact with installed browsers - if
checked, the Code Analyzer engine will test a 'suspicious' parts of
the code to see how they will behave in different browsers after encryption
by checking each browser reaction to them.
Code Analyzer can test the behavior of IE4.0 or higher, Netscape 4.0
or higher and Opera 5.0 or higher. Of course, it can only test those
browsers which are installed on your system. That's why we recommend
that you have at least one version of IE, Netscape and Opera installed.
For Netscape and Opera, it is not a problem to have different versions
installed.
We recommend that you use this option, although it may slow down the
encryption a bit.
Launch multiple instances of Code Analyzer for encryption
of folders or filelists - if checked, this will launch a separate instance
of the Code Analyzer engine for each file that has to be encrypted.
This means also a separate instance of the Encryption and Debugging
engines will be launched for each file.
This option can only be useful if the total file size of the files to
be encrypted at once exceeds 2-3 MB, otherwise there will be no noticeable
difference in the encryption speed. But if you need to encrypt a large amount
of files at once often, it can be very useful - our tests with a 40MB
set of files showed nearly 5 times faster encryption if this option
is used.
In most cases, there is no need to use this option. It should not be
used for PC's with less than 128MB RAM.
This setting is not taken into consideration when you encrypt html
files using the ultra strong html password protection utility.
Profiles and File Lists
When you encrypt a File List or a Site, all settings specified in the
currently loaded profile will be applied to the files in the list /
site, except those specified in the Default Settings tab - in file lists
/ sites these settings can be specified for each file individually,
so the profile settings will be ignored. If no profile is loaded, the
default HTML Guardian settings will be applied for all the options that
can't be configured from the File List Manager / Site Manager.
The above does not apply in cases when you encrypt html file (or any
other single file - like .js, .vbs, .css, images etc.) - currently
loaded profile settings are always used for them, unless changed.
Profile settings do not apply to the ultra-strong html password protected
files.
|
