How to protect your WordPress external links
Encrypting External Links on Your WordPress Blog
As you may notice, all external links on my blog used to be encrypted to protect the content from being copied. I tried to find a plugin that does this, but I couldn’t find one, so I modified one that encodes external URLs to Base64. Instead of encoding the URL, I will show you how to encrypt it with your defined key. I will show you how I did it through simple steps if you wish to have external links encrypted on your WordPress blog.
Please note that the coder has merged my code with his from version 4.2.0 and above, so you do not need my code if you are using version 4.2.0 and above.
Instructions:
You will need php mcrypt_decrypt installed on your server
For CentOS just type
yum install php-mcrypt
For ubuntu just type
sudo apt-get install php5-mcrypt
Install WP No External Links plugin I am currently using version 4.0.2.
Activate the plugin.
Go to setting then wp-noexternallinks select the check box of Use base64 encoding...etc.
Now go to plugin editor.
Versions below 4.0 Select WP No External Links then select wp-noexternallinks-parser.php
Versions above 4.0 Select WP No External Links then select public then public.php
Search for:
$url=base64_encode($url);
Replace it with:
$salt ='PSOtJIaJCSRthDJ3ZkcNZVubMYZOZZrn'; // <--- This is your secret key it can be anything you like remember only keys of sizes 16, 24 or 32 supported in mcrypt_encrypt.
$url=trim(base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $salt, $url, MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND))));
Then Search for:
$url=base64_decode($url);
Replace it with:
$salt ='PSOtJIaJCSRthDJ3ZkcNZVubMYZOZZrn'; <--- We use the same key to decrypt
$url=trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $salt, base64_decode($url), MCRYPT_MODE_ECB, mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND)));
The reason for using the known $salt key is if your content gets copied you can always change the key on both locations and all of the previous links will be invalid to the person who copied your article.
Troubleshoot:
I faced some difficulties with some of the social share links such as (Linkedin , pinterest , mailto , skype and local links starting with #). Though the author of the plug-in did exclude those strings it did not work as expected so I had to tweak the code as follows:
Search for:
$this->debug_info('Not in exclusion list, masking...');
Add just before it:
if (false !== strpos($matches[2] . '//' . $matches[3],'javascript') or false !== strpos($matches[2] . '//' . $matches[3],'mailto') or false !== strpos($matches[2] . '//' . $matches[3],'twitt') or false !== strpos($matches[2] . '//' . $matches[3],'skype') or false !== strpos($matches[2] . '//' . $matches[3],'#')) {
return $matches[0];
}
If you get your page and comments section messed up you will need to replace:
$pattern = '/(.*?)<\/a>/si';
with:
$pattern = '/(.*?)<\/a>/i';
If all links are labled as _blank you have to add:
$url=$matches[2].'//' .$matches[3];
After:
$ifnofollow=' rel="nofollow"';
Then replace:
return ''.$matches[4].'';
if($this->options['link2text'])
return ''.$matches[4].' ^('.$url.')';
$link='<a'.$ifblank.$ifnofollow.' href="'.$url.'" '.$matches[1].$matches[3].'>'.$matches[4].'';
with:
return ''.$matches[5].'';
if($this->options['link2text'])
return ''.$matches[5].' ^('.$url.')';
$link='<a'.$ifblank.$ifnofollow.' href="'.$url.'" '.$matches[1].$matches[4].'>'.$matches[5].'';
Output examples:
Normal URL to Husmail
https://www.hushmail.com
With WP No External Links plugin (base64)
http://www.digi77.com/goto/aHR0cHM6Ly93d3cuaHVzaG1haWwuY29t
With WP No External Links plugin + Encryption
http://www.digi77.com/goto/HkiabvdkLqUt0uihqCaFE0tXqo1T4CccxSSjvehwcu0=