Unauthorized Web Import

R

Russell

I used FrontPage2002 to build a website and it is currently live for public
access. I searched FrontPage Inside Out but cannot find an answer to the
following question: Can anyone with FrontPage go to my website and use the
Import Web Wizard to copy my website? If so, is there any way to prevent
this from happening through FrontPage 2002 security settings or other tools?

Thank you for any help you can provide.
 
T

Tom Pepper Willett

Yes, they can import certain pages. The import function only imports what is
seen by a browser, so shared borders, include files, navigation structure,
themes, asp pages, databases, etc. are not imported.

It's not much different than someone simply saving the page to their hard
drive while it's open in the browser.

No, it cannot be prevented.
--
===
Tom "Pepper" Willett
Microsoft MVP - FrontPage
---
About FrontPage 2003:
http://office.microsoft.com/home/office.aspx?assetid=FX01085802
FrontPage 2003 Product Information:
http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
Understanding FrontPage:
http://msdn.microsoft.com/office/understanding/frontpage/
===
|I used FrontPage2002 to build a website and it is currently live for public
| access. I searched FrontPage Inside Out but cannot find an answer to the
| following question: Can anyone with FrontPage go to my website and use the
| Import Web Wizard to copy my website? If so, is there any way to prevent
| this from happening through FrontPage 2002 security settings or other
tools?
|
| Thank you for any help you can provide.
 
R

Russell

Dear Mr. Willett:

Thank you very much for your prompt and helpful response. I was told by a
"web security" sales person that something could be installed (e.g.,
firewall, etc.) to prevent this from occurring. The website is an annual
online subscription service and all proprietary database content is
copyrighted; however, we are concerned about competitors/customers
unauthorized copying of the entire database. I assume from your response
that the info we received from this salesperson is incorrect and that there
are no security tools, products or services to prevent this from occuring.

Thank you again.
 
M

Murray

Your web security sales person is trying to sell you a bill of goods. There
is not a good way to prevent this.
 
T

Thomas A. Rowe

As long as the permissions are set correctly on your site by your host, the only content that can be
imported, is the content that you can view in a browser, The database and any server-side script can
not be seen or imported. FP uses the same function as any offline browser application to download or
import pages.

There are coding methods available to stop FP and other offline browser application from grabbing
your content, but you will need to know ASP, PHP, ASP.net, etc. to accomplish as well as searching
the internet to find code snips to use/modify to meet your needs.

--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
R

Russell

Dear Mr. Rowe:

The website is hosted on a Linux server, so we don't have the full range of
FP permissions. It had been hosted on a Windows 2003 server, but the FP
permissions did not work once the host upgraded from 2000 - 2003, so we were
switched to the Linux. But we are able to set unique permissions for the
subweb where all the content is stored.

Where can we locate the "snips" and do any of you MVPs do consulting to help
us with this issue?

Thanks again for all the posts and help.
 
T

Thomas A. Rowe

Yes, I and some of the other MVPs do consulting work.

However I can't help you since you are hosted on a Unix/Linux server and I only provide this type of
code to my clients where I have developed and I continue to maintain their ASP based web sites.

Since you are hosted on Unix/Linux you most like would use PHP, so all of the pages within your site
or the section that you want to block FP and other Offline browsers would need to be .php pages.

Second you would search for code snips that would allow you to block Offline Browsers from accessing
your site/section

Here is a link to some of the things you would want to consider:
http://www.closetnoc.org/tinytrap/tinytrap-docs.html

http://diveintomark.org/archives/20...pybots_and_tell_unwanted_robots_to_go_to_hell


Your really need to be more concern about Offline browsers more so than FP users importing your
site, such as the following product:
http://www.sharewaresoft.com/WebCopier-download-10905.htm
which is one of many available.
--
==============================================
Thomas A. Rowe (Microsoft MVP - FrontPage)
WEBMASTER Resources(tm)

FrontPage Resources, WebCircle, MS KB Quick Links, etc.
==============================================
 
A

Andrew Murray

unless you know the precise location and name of the database file. e.g. you
could browse to the fpdb looking for the mdb files, and possibly right-click and
save as, but then again, I think by default you'll get a 403 Forbidden error (so
you can't browse the directory) and same with the _private folder - the
permissions are such that scripts and so forth can read and write to files in
that folder, but you can't just browse to that directory - that is where FP
extensions are in operation. I don't know what the equivalent Unix chmod would be
maybe something like 666 or 755 or 777 (but since it would be Windows, the
permissions are set differently.)



message You can't easily import a database I don't think.


| Your web security sales person is trying to sell you a bill of goods. There
| is not a good way to prevent this.
|
| --
| Murray
|
| | > Dear Mr. Willett:
| >
| > Thank you very much for your prompt and helpful response. I was told by a
| > "web security" sales person that something could be installed (e.g.,
| > firewall, etc.) to prevent this from occurring. The website is an annual
| > online subscription service and all proprietary database content is
| > copyrighted; however, we are concerned about competitors/customers
| > unauthorized copying of the entire database. I assume from your response
| > that the info we received from this salesperson is incorrect and that
| > there
| > are no security tools, products or services to prevent this from occuring.
| >
| > Thank you again.
| >
| >
| > "Tom Pepper Willett" wrote:
| >
| >> Yes, they can import certain pages. The import function only imports what
| >> is
| >> seen by a browser, so shared borders, include files, navigation
| >> structure,
| >> themes, asp pages, databases, etc. are not imported.
| >>
| >> It's not much different than someone simply saving the page to their hard
| >> drive while it's open in the browser.
| >>
| >> No, it cannot be prevented.
| >> --
| >> ===
| >> Tom "Pepper" Willett
| >> Microsoft MVP - FrontPage
| >> ---
| >> About FrontPage 2003:
| >> http://office.microsoft.com/home/office.aspx?assetid=FX01085802
| >> FrontPage 2003 Product Information:
| >> http://www.microsoft.com/office/frontpage/prodinfo/default.mspx
| >> Understanding FrontPage:
| >> http://msdn.microsoft.com/office/understanding/frontpage/
| >> ===
| >> | >> |I used FrontPage2002 to build a website and it is currently live for
| >> public
| >> | access. I searched FrontPage Inside Out but cannot find an answer to
| >> the
| >> | following question: Can anyone with FrontPage go to my website and use
| >> the
| >> | Import Web Wizard to copy my website? If so, is there any way to
| >> prevent
| >> | this from happening through FrontPage 2002 security settings or other
| >> tools?
| >> |
| >> | Thank you for any help you can provide.
| >>
| >>
| >>
|
|
 
A

Andrew Murray

If you're able to, experiment with the chmod settings (file permissions) within
your FTP program (not the FTP in FP, an external application like CuteFTP) - you
can usually set permissions on folders and files within your web space.
 
R

Russell

Thank you so much for the advice.....and for your expertise. As I said
previously in another post, you guys are amazing!
 
Top