Jump to content

Make your design YOURS


Jordan

Recommended Posts

I know that a lot of you take your time to customize your WHMCS to make it your own. You've spent a lot of time on it, and you don't want anyone to take credit for it, or hell, use it on their own (unless you give them permission.)

 

Anyway, recently I noticed a few people using my template, but I wasn't sure how they were able to get it right down to the smarty coding I used. Especially with how quickly it was up. But then I realized that if you directly accessed a .tpl file via a URL, you could see it's contents.

 

Bear posted perfect and easy solution to prevent from other people taking your hard work.

 

All you have to do is create an .htaccess file and add the following:

<Files "*.tpl">
Order Allow,Deny
Deny from All
</Files>

 

I'm posting this here because a lot of you visit this subforum. Even so, if an admin feels it deserves to be elsewhere, that's fine by me! I just figured that since those who have been targeted thus far have showcased their design, it would be best to go ahead and have it in here, so they could see it when they post here. :)

Link to comment
Share on other sites

^cihickendippers, it's easy to find out what directory you're using if you have a stylesheet being linked in your header, or even images that are directly in the template directory. Just like I know yours is using part of your hosting name in the directory ;). Which is how I'm guessing they were able to snag mine.

 

You can also use different directories for the orderforms too ;) But again, the best solution is just using the .TPL+.htaccess so it won't ever happen again. Just like I'm able to see that in your directory, just your CSS and JS files are available now.

Link to comment
Share on other sites

This is a great idea. The concept of stealing each of the tpl files and images is easy. Just set up a whmcs account, get a php file to check the contents of a template directory then just find that file using an external URL, download and write each to a file. Template = Stolen.

 

This solution is good, thanks Bear (and of course Jordan for making it stand out :) ).

Link to comment
Share on other sites

Its a very good mod and i recommend it to everyone, but that wouldnt protect the templates at all. Jordans/bears idea is a good one.
Of course it would protect them.

 

SecFilterSelective THE_REQUEST "\.tpl"

(Don't anchor at the end as that can be easily defeated with ?arg syntax)

 

Having said that, Jordan/bear's method is probably the best.

Link to comment
Share on other sites

To find the template directory you just need to view the page source and see images and stylesheet being loaded from there.

 

All the templates made for WHMCS would be based around one of the two templates provided with the software, so the filenames would be the same.

Link to comment
Share on other sites

Andy, that isn't going to do anything. If you have stylesheets or images used in in the coding, then someone can easily view the source and see what directory is being used for the template.

 

Just go to mywhmcs linked in my signature, and view source. You'll be able to see what directory my stylesheet is in. And then all you have to do is plug in the tpl filename into the url, and it would bring it up [if you didn't have anything set to protect them from public view.]

 

Even so, I already used a different directory name than the default, singlepage, and portal when this had happened to me before.

 

edit: JasonO beat me to the punch :P

Link to comment
Share on other sites

  • 6 months later...

Sorry to bring up an old thread

If you don't want anyone to access your templates you can simply create a index.php file with the bellow code in it and copy it to each of your template directory's

<?php

 

header("Location: ../../index.php");

 

?>

as well as using the .htaccess from the first post in this thread to guard against direct access to a template.
Link to comment
Share on other sites

If you don't want anyone to access your templates you can simply create a index.php file with the bellow code in it and copy it to each of your template directory's

Or just turn off Indexes, not that bad of an idea actually.

 

Yeh, just change the .tpl stuff to .css :)

Not going to work, because that specific type of file DOES need to be accessed via the internet. CSS files must be accessible to the world, unfortunately, or browsers won't be able to read them, and the design is shot.

 

This simple bit of code will expand this a bit , however, denying access to all .tpl and .inc files . .inc is used quite commonly as an include for php files. Place this in httpd.conf somewhere before the first VirtualHost, restart http and you're set

 

<Directory "/">
<Files *.tpl>
Order allow,deny
Deny from all
Satisfy All
</Files>
</Directory>
<Directory "/">
<Files *.inc>
Order allow,deny
Deny from all
Satisfy All
</Files>
</Directory>

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...

Important Information

By using this site, you agree to our Terms of Use & Guidelines and understand your posts will initially be pre-moderated