D
D
diversant1232017-03-13 13:14:20
CMS
diversant123, 2017-03-13 13:14:20

How can I track which domains my CMS is used on?

Tell me how to implement: I
have my own engine for an online store, a certain development platform, it is distributed for a fee, under a license
I want to track its illegal use, how best to do this?
So far, I see three ways for myself (I want to use everything at the same time)
- on the php side (so that some system file requests a file from my server)
- on the js side (so that some js library sends a request to my server)
- on the css side (so that some small picture from my server is loaded)
All this should be done as "invisibly" as possible.
The question is how to implement it on the server side. And so that with minimal use of resources, because. each visitor of each site will send a request to the server.
I will be glad to any advice. Thanks in advance.
UPD: I'll clarify the question a little, HOW to implement this on the server side?

Answer the question

In order to leave comments, you need to log in

7 answer(s)
F
FanatPHP, 2017-03-13
@FanatPHP

Kindergarten, pants with straps.
Naive dreamers have been asking this question for many years, but the answer has not changed during this time:
1. To cut off unlicensed use - no way to track it . A nulled version of your unfortunate engine will appear on the Internet a day after the release, in which all the checkers you can think of will be torn off.
2. It is necessary to sell not a program, but a service. Host your platform on your own server and charge a monthly usage fee. There are no other options to track usage, and there cannot be.

N
Nwton, 2017-03-13
@Nwton

Add an auto-update system to your CMS so that the developer does not have suspicions about strange files sending requests to other domains. In the admin panel, give the opportunity to disable this auto-update and still continue to send requests once a day, requesting information about the new version.

A
Andrey, 2017-03-13
@reaferon

If the CMS implies installation, then you can make a request one time during installation.
If CMS setup is meant, then the request can be made when performing this action.
In general, if I were pinned like this, I would make the installation a single file that pulled the sources from my server and deployed it on the client's server. Well, at the same time I would put a "tick" at myself.

A
Adamos, 2017-03-13
@Adamos

1. Buying the engine has the right to put only one copy of the site? But what about a server for development and testing, for example? What if he doesn't have internet access?
2. What will you do if your scripts signal unlicensed use? This, in fact, is the best you can count on - all sorts of "prohibitions" there will still be broken, but the "knocker" may be missed. Well?
3. Look around. Where do you see people selling engines? Trade the possibility of updating, plugins and other services. Do you know why?..

V
Vasily, 2017-03-13
@DobriyJuk

1. Think over the mechanism: The engine does not work without entering a license key. Those. it is required that the activation of each function requires the presence of a certain key, requested from the server every few minutes. The more difficult and hectic the hacking is, the less likely it is that someone will bother.
2. You can organize requests in turn from several external IPs.
3. Each function must use different variables and access it directly, not through some single function, otherwise they will simply bypass it.
4. During installation, information from the server must be required to confirm the validity of the key. Then you will know who is from which domain.
5. It is possible to build in a mechanism for silently sending data, but then this should not happen immediately, but after some time. And it should not automatically block the domain, otherwise they will quickly reveal the chip. It’s better to quietly send the data, you receive it, and then write a comment proposal to the owners of the resource.

M
mudatad, 2017-03-13
@mudatad

damn it, I specifically asked how to implement this, and not why do I need it and other philosophy

Easy.
We make a server based on a platform that does not require source codes in production.
1. That is, on the compiled one. And preferably not in byte-code, which is easily decompiled.
2. Yes, and to simplify the installation - compiled in native code
3. As you might have guessed, this is not PHP. Suitable C/C++, Go, Haskell. Java, Python is not suitable.
Hacking such a thing is too laborious.
PHP breaks too easily.
That is, you can not raise the price.
As soon as you raise the price a little, it becomes profitable to break.
And what is written in PHP breaks even without knowledge of PHP itself, seriously.

K
kstyle, 2017-03-13
@kstyle

make a php request - but only on Mondays from 8 to 9 (day of the week and time is determined by the domain).

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question