Website Encryption

as far as i understand that ... you have an ASP application that should run locally on a machine? so it requires a webserver on every machine? anyway ... the product you mentioned claims to do the job ... even for clientside code ... but the technology you used isn't really supposed to hide the code. a copyright-/license-note should be basicly enough ... even when everybody could have a look at the code. I guess you even learned from downloaded snippets, online-tutorials etc. ... so let me recommend to use an open source license like one of these ... because any encryption needs decryption thus will influence performance and on the other hand this could be often simply decrypted by people who want to do so ... so that in my personal opinion such encryption-decryption-performance-overhead could be simply avoided by just not using it.

In your case, you want to hide the 'process'- or 'business'-logic ... and that is necessary of course ... but then i would suggest to host the app on a server and sell licenses for remote-use, so that you don't need to deploy the app to a client's machine where everybody could do anything with the code. then you would even have much more control over the ASP-runtime ... which is basicly much more worth to be taken into account ... since selling a license will even put you in a kind of support-position ... because the app must run, and simply telling requirements for that could lead to annoyance when they didn't fit some client-machines. The hosted app would even allow to do centralized updates, fixes etc. ... you could even create virtual hosts ... where you could charge for the updates etc. ... but everything is under your control with this approach.

kind regards

THANX for the suggestions gits. I'm sorry I can't be more open minded about this to be able to consider them, but there are pretty unique aspects to this job that require a browser front end and standalone capability, plus code protection that's more robust than depending on people to honor copyrights.

I'm developing the system on my web server - it's nearly complete and you can see it there, but you won't see very much because it's all login controlled. This system will import and export member data from a state database, but its database can be downloaded to a laptop where an IIS served version of the system resides, so that it can be deployed for use at locations where there is no internet connectivity.

As to speed, that's not an issue, although the decryption required for page delivery will be compensated (maybe even providing faster response time in the end) by the smaller encrypted file sizes (all comments and white space is removed from the asp pages in the encrypting process). As we all know, there is no such thing as unbreakable encryption, but according to HTMLGuardian's claims, it would take much longer to break their encryption than would be worthwhile for someone inclined to attempt it.

My main reason for posting this question was to see if anyone knows of other products than HTMLGuardian that might be better - either cheaper, easier, or more robust.

:) i understand that question ... in case it is not to avoid with a hosted solution then you would need to protect it with something like the mentioned tool. perhaps there are other things out there like this one that might be checked?

kind regards