Any way to block access to my site if users are blocking javascript?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • HighlyIntoxicated
    Confirmed User
    • Dec 2009
    • 542

    #1

    Any way to block access to my site if users are blocking javascript?

    One of the functions on my site relies on javascript, and people have been getting around it, by disabling js.

    Is there any way to block users from my site/redirect them to a page, if they have javascript disabled?
  • seeandsee
    Check SIG!
    • Mar 2006
    • 50945

    #2
    yes there is, i dont know how, but i saw content lockers have protection against it so there is some working solution
    BUY MY SIG - 50$/Year

    Contact here

    Comment

    • HighlyIntoxicated
      Confirmed User
      • Dec 2009
      • 542

      #3
      I've seen something similar with a content locker, except it blocked users access to the site if they had adblock enabled.

      Both of these features would be awesome if anyone knows where I could find em.

      Comment

      • rowan
        Too lazy to set a custom title
        • Mar 2002
        • 17393

        #4
        Can you explain the particular functionality on your site in more detail? Does it involve fetching something from the server? If so, you could do that through j/s.

        Another option would be to redirect to the content/function via j/s, and use <noscript>sorry, you need j/s enabled</noscript> kinda thing.

        Both could be worked around by someone viewing the source, unless your j/s does some tricky obfuscated calculations to come up with a valid key that your server is expecting...

        Comment

        • HighlyIntoxicated
          Confirmed User
          • Dec 2009
          • 542

          #5
          My site isnt doing anything too complicated. I am using a content locker which relies on javascript, if users disable js they are able to get to the content, which is what im trying to fix.

          Comment

          • prezzz
            Confirmed User
            • Jul 2004
            • 959

            #6
            I found this solution on StackOverflow a while ago while I was searching for something completely unrelated.

            Whenever a user has Javascript disabled, the <noscript> tags come into play. Among other things, you can put some CSS code within those tags and it'll be fully processed. In this case, you could wrap your entire site into a specific <div> like this:

            <div id="sitewrapper">
            ...your site content...
            </div>

            and then activate a special CSS definition for those that have Javascript disabled:

            <noscript>
            <style type="text/css">#sitewrapper {display: none;}</style>
            </noscript>

            TEMPLATEHYPE.COM - PREMIUM MECHBUNNY TEMPLATES
            Responsive Mechbunny templates now available - NEAT TUBE - REDDY TUBE

            Comment

            • TripleXPrint
              Confirmed User
              • Apr 2007
              • 983

              #7
              Originally posted by prezzz
              I found this solution on StackOverflow a while ago while I was searching for something completely unrelated.

              Whenever a user has Javascript disabled, the <noscript> tags come into play. Among other things, you can put some CSS code within those tags and it'll be fully processed. In this case, you could wrap your entire site into a specific <div> like this:

              <div id="sitewrapper">
              ...your site content...
              </div>

              and then activate a special CSS definition for those that have Javascript disabled:

              <noscript>
              <style type="text/css">#sitewrapper {display: none;}</style>
              </noscript>
              This will work only if you're using it to "hide" the content, not block access.
              Skype: Triplexprint

              Comment

              • Varius
                Confirmed User
                • Jun 2004
                • 6890

                #8
                You should not be relying on client-side code to protect your content/control access

                If you really want to, you can look into javascript and/or html obfuscation, but know all of them are breakable fairly easily and may cause some browser trouble.

                If you just want a solution that works against the "average" surfer, make an Ajax call via jQuery which then outputs the HTML needed to show the content; in other words, don't have it embedded in your HTML source.
                Skype variuscr - Email varius AT gmail

                Comment

                • Tempest
                  Too lazy to set a custom title
                  • May 2004
                  • 10217

                  #9
                  Difficult to do... Could have some PHP on every page that checks a block IP list... Using the noscript tags, you could call an iframe that adds the IP to the list or maybe set something in a session.. The PHP would have to clear out old IPs/session every so often as well. The check might have to be in an iframe after the noscript one so that the IP/session gets recorded first. Just off the top of my head, something like that.

                  But yeah, the content protection should default to NO ACCESS unless they have javascript enabled.

                  Comment

                  • DangerX !!!
                    Confirmed User
                    • Feb 2011
                    • 886

                    #10
                    You can only block users with very little computer knowledge in this way, every more advanced user will pass this blockade in a matter of minutes.
                    This is sig area!

                    Comment

                    • HighlyIntoxicated
                      Confirmed User
                      • Dec 2009
                      • 542

                      #11
                      Thanks for the information.

                      At the moment the content locker is doing a fairly good job, with only a few people getting around it, perhaps i'll just ride it out.

                      Comment

                      • camperjohn64
                        Confirmed User
                        • Feb 2005
                        • 1531

                        #12
                        You can ONLY deliver this page:

                        <html>
                        <script>
                        document.location = "realpage.html";
                        </script>
                        You must enable javascript to see this
                        </html>

                        If the person doesn't have javascript active, it never gets to realpage.html
                        www.gimmiegirlproductions.com

                        Comment

                        • camperjohn64
                          Confirmed User
                          • Feb 2005
                          • 1531

                          #13
                          If you wanted to get fancy, you could obfuscate the javascript target to go to index.php?page=fbdbe7277d7a77&md5=abb5b2bfbdbe7277 d7a77f7e.php and that page could then do an MD5 checksum on the md5 to confirm it's a valid target page.

                          This would make the hardest of hackers give up and just turn on javascript.
                          www.gimmiegirlproductions.com

                          Comment

                          • InfoGuy
                            80/20 Rule
                            • Apr 2010
                            • 3052

                            #14
                            Access to your content may not be the primary motive of everyone that blocks scripts. Have you considered the possibility that some surfers block scripts by default to protect themselves from malware?
                            Support American Heroes | How Bad is My Batch? | Vaccine Deaths & Adverse Reactions | Free Speech Coalition | <WARNING> ePayService / Guerra Capital, INC / MTACC payments | Flirt4Free Fucks their Affiliates | Don't do business with piece of shit Andy Alvarez from Webmaster Central / VR3000, who said:
                            "If it was up to me, they would have shot all 30,000 of those country loving shitheads"

                            Comment

                            • HighlyIntoxicated
                              Confirmed User
                              • Dec 2009
                              • 542

                              #15
                              Originally posted by InfoGuy
                              Access to your content may not be the primary motive of everyone that blocks scripts. Have you considered the possibility that some surfers block scripts by default to protect themselves from malware?
                              I am aware there are legitimate reasons to block scripts, however I know for certain people are turning off js to get around my content locker, as i have seen it discussed on forums.

                              Comment

                              • u-Bob
                                there's no $$$ in porn
                                • Jul 2005
                                • 33063

                                #16
                                1. Client side 'protection' can always be circumvented.
                                2.
                                using Javascript print an <img src="/somephp.php">

                                have somephp.php set a cookie.

                                have your other pages check if the user came from your site (referrer) and if they have the cookie that is set by somephp.php. If they don't have the cookie, they are probably blocking js.

                                Comment

                                • SmokeyTheBear
                                  ►SouthOfHeaven
                                  • Jun 2004
                                  • 28609

                                  #17
                                  i dont get why you dont use css to hide the content.. explain what you are trying to protect ?
                                  hatisblack at yahoo.com

                                  Comment

                                  • redwhiteandblue
                                    Bollocks
                                    • Jun 2007
                                    • 2793

                                    #18
                                    Originally posted by camperjohn64
                                    You can ONLY deliver this page:

                                    <html>
                                    <script>
                                    document.location = "realpage.html";
                                    </script>
                                    You must enable javascript to see this
                                    </html>

                                    If the person doesn't have javascript active, it never gets to realpage.html
                                    That'll work right up until they view the source and type "realpage.html" into their browser.
                                    Interserver unmanaged AMD Ryzen servers from $73.00

                                    Comment

                                    • cam_girls
                                      So Fucking Banned
                                      • Apr 2009
                                      • 2968

                                      #19
                                      Really basic method if you have a page where they come from, use onclick on the button.

                                      <img src="readmymind.png" height=54 onclick="window.location='http://www.mindreading.com/Question.php';">
                                      Last edited by cam_girls; 03-30-2011, 07:22 AM. Reason: ONLICK hahah

                                      Comment

                                      • fris
                                        Too lazy to set a custom title
                                        • Aug 2002
                                        • 55700

                                        #20
                                        Originally posted by cam_girls
                                        Really basic method if you have a page where they come from, use onclick on the button.
                                        bad advice homie
                                        Since 1999: 69 Adult Industry awards for Best Hosting Company and professional excellence.

                                        Comment

                                        • iamtam
                                          So Fucking Banned
                                          • Feb 2010
                                          • 1211

                                          #21
                                          on their first page, use javascript to write a cookie. as they hit enter, read the cookie with php on the inside page. if there is no cookie set, redirect them back to the front page. if they have java turned off, there will never be a cookie, so java is likely disabled.

                                          Comment

                                          Working...