Obfuscate email addresses and other personal data, so bots can't scrape them.
Some personal information like email addresses or phone numbers, should never
appear in plain text in your website's source code, so bots can't scrape them.
Otherwise your contact information is in danger of being the target of spam
mails or sms. This is where botex
comes in. Using its CLI, the
botex webapp, or using the library server side, you
can hide your personal contact info from bots. Usually, this is done by base64
encoding the email or tel strings and only decoding them when a user clicks on a
mailto link for example. But scraping bots have improved and can nowadays
automatically decipher base64 or other simple ciphers, such as cesar ciphers.
botex
obfuscates personal information by using a key - that can be any
string - to scramble the input. Doing that, it makes it much harder for bots to
deobfuscate the data, as they'd first need to find out that you're using botex
and then not only find the encoded information, but also the key for it.
Specialized bots would first have to be developed to do this, which is hopefully
to much of a hassle for hackers to be done.
botex
tries to be a compromise between being secure (it's not securely
encrypting anything, but hopefully annoying bots enough to give up) and being
simple (the functions are straight forward and the lib much smaller than 1kb).
Just be aware, that you're not perfectly protected just because your using
botex
, but you're certainly better off than using base64.
Now you might ask, how to put your email address on your webpage for everyone to
see, without actually having it in your source code... For that I recommend
creating an SVG image from your email address with a tool, such as
Google Font to Svg Path.
When that SVG is clicked you can open a mailto link, that you decrypt using
botex
. Some people encode email addresses as HTML entities or put them on the
page in reverse character order and flip them again using CSS, but I suspect
that bots have by now gotten the hang of that, too.
One note on the opening of mailto links on click though... I don't know about you, but I hate when a page is doing that... I much prefer having two icons either next to the email, or appearing as a popup on hover or on click, that let you select to either open the mailto link or to copy the mail to the clipboard. Checkout this example for selectively copying the mail or opening it.
import { scramble, unscramble } from "botex";
const key = "abc123xyz";
const mail = "[email protected]";
const obfuscatedMail = scramble(mail, key);
// -> some gibberish bots hopefully can't read...
// ...
const key = "abc123xyz";
const scrambledMail = "Aasd123Bsdf..."; // Some gibberish...
const mailtoLink = document.querySelector("#mail-link");
mailtoLink.onclick = () => {
// Get back the original data
const originalMail = unscramble(scrambledMail, key);
location.href = `mailto:${originalMail}`;
};
botex
comes with a cli that helps you to obfuscate information and to create
keys, so you can just copy them into your project.
$ botex --help
Usage: botex [options] [command]
Options:
-v, --version output the version number
-h, --help display help for command
Commands:
scramble [options] <input> Obfuscate the input string, so that bots (hopefully) can't read it (default command)
unscramble [options] <input> Deobfuscate a scrambled string to retrieve the original data
help [command] display help for command
$ botex scramble --help
Usage: botex scramble [options] <input>
Obfuscate the input string, so that bots (hopefully) can't read it (default command)
Options:
-k, --key <key> The key used to obfuscate the input. This can be any string
-a, --auto-key If present, botex will auto generate a key for you (default: false)
-b, --alphabet <alphabet> The set of characters botex should use to generate a key (default:
"0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz")
-l, --key-length <length> The length of the generated key (default: "16")
-s, --code-snippet Print a JS code snippet using the created values (default: false)
-h, --help display help for command
$ botex unscramble --help
Usage: botex unscramble [options] <input>
Deobfuscate a scrambled string to retrieve the original data
Options:
-k, --key <key> The key used to obfuscate the input
-h, --help display help for command
MIT