Howto: Impede logged-out users from reading your journal
Work in progress
Warning: This technique is not a guarantee. While this technique will prevent your journal from being read directly by logged out users, they can still read your public entries on the friends pages of your friends, or by using ?format=light on the end of the entry URL they were sent to. This technique is only a roadblock, not an actual stop. Do not rely on this technique to protect sensitive information.
This technique will display what looks like an LJ error page to anyone who visits your journal and is not logged in at LJ (log out and visit this entry again via this link). It gives the impression that there is a technical fault and they should try again later, but nothing will change until they log in.
Briefly:
1) Identify current layout and theme.
2) Create new theme layer.
3) Copy the contents of your current theme into the new theme layer.
4) Copy the code from the Page::print function in your current layout.
5) Paste the Page::print code from your current layout into the new code below, and then paste the entire thing into your new theme layer.
6) Edit your current style to use the new theme layer you just created.
Seriously, don't rely on this for any kind of security. Obscurity is not security. At best this technique only hampers the efforts of somebody who has stumbled across your journal. If somebody wants to read something you've posted publicly there's no way to stop them. For instance they could sign up for an account, or log in with Facebook, Twitter, Google, or OpenID. They could add ?format=light (for instance) to the end of the entry URL that they were directed to. They could visit the friends page of one of your friends and read your public entries there. So please, don't rely on this for security in any way.
1) Identify current layout and theme.
This is pretty easy. Visit Your Styles and you'll find a list of every style you've ever used. Your current style is listed in bold, with the Use button greyed-out. Click on Edit and you'll be taken to a page that lists the layout and theme names and numbers (if any). Note these down.
2) Create new theme layer.
Go to Your layers and scroll to the bottom of the page. Under the heading that says "Create layout-specific layer" choose "theme" from the Type dropdown and choose your current (as noted in step 1) from the Layout dropdown.
3) Copy the contents of your current theme into the new theme layer.
This is a two-tab step. In the first tab, open up the new them layer you just created. It'll be listed among all your other layers on Your layers, it'll have none as a name, and it'll have the largest number of any of the other listed layers. When you've found it, click on the edit button. Delete any code that is currently in the editor.
In the other tab you're going to find the contents of your current theme layer. If your current theme (as noted in step 1) only has a name, then you need to find it under the children of your layout layer on the Public Layers page. For my example I started with Expressive, and Subway Black, so the original theme layer is here. When you find the page for your original layer, click on "Raw Source Code" and copy the entire contents of the next page.
If your theme layer from step 1 had a number attached you can find the code by following this link: http://www.livejournal.com/customize/advanced/layersource.bml?id=##### substituting the number you wrote down for #####. Copy down the entire contents of that page.
Now, back on the first tab paste the code you just copied into your new layer. Press "Save & Compile", just for safety.
4) Copy the code from the Page::print function in your current layout.
Now head back to the second tab and the Public Layers page. Click on the name of your current layout and then click on "Raw Source Code". Again, in this example I'm using Expressive so I'll end up here. Use the find function of your browser to look for "function Page::print" on the page. That's the function of the layout that creates the final page view whenever anyone asks to see a page in your journal, and that's what we'll be replacing. What you need to do here is copy everything from between the curly braces ({ and }) associated with that function. The opening curly brace is the one immediately following the closing parenthesis, and the closing curly brace is the one immediately before the next mention of the word function. In most layouts, the closing curly brace is the one in the very first column.
5) Paste the Page::print code from your current layout into the new code below, and then paste the entire thing into your new theme layer.
Paste the code you just copied into the code snippet below, placing your code between the " # Original function code goes here" and "# END ORIGINAL FUNCTION CODE" lines. Then, past the entire collection of code into your new theme layer back on tab one, taking care to place it after all of the code you copied over in step 3. Make sure you press "Save & Compile".
Take a look at my finished example theme layer to see how yours should look.
function Page::print () {
if (viewer_logged_in()) {
# Original function code goes here
# END ORIGINAL FUNCTION CODE
} else {
"""
Error 401!
Error 401!
Sorry, the service is currently unable to authenticate the session. The page you requested is unavailable at this time. Frank has been chewing on the wires again.
Use the links to access more options:
LiveJournal
""";
}
}
6) Edit your current style to use the new theme layer you just created.
Finally, go back to Your Styles and click on Edit next to your current style. Under the theme dropdown you should find a new entry at the very bottom that has both a name and a number. Choose it and click on Save Changes.
If you've done everything correctly you shouldn't see any changes to your journal style while you're logged in, but if you log out you'll see what looks like an LJ error page no matter what page you try to visit.
Do not rely on Security through Obscurity, it is not foolproof and it can be beaten by a determined attacker.
Warning: This technique is not a guarantee. While this technique will prevent your journal from being read directly by logged out users, they can still read your public entries on the friends pages of your friends, or by using ?format=light on the end of the entry URL they were sent to. This technique is only a roadblock, not an actual stop. Do not rely on this technique to protect sensitive information.
This technique will display what looks like an LJ error page to anyone who visits your journal and is not logged in at LJ (log out and visit this entry again via this link). It gives the impression that there is a technical fault and they should try again later, but nothing will change until they log in.
Briefly:
1) Identify current layout and theme.
2) Create new theme layer.
3) Copy the contents of your current theme into the new theme layer.
4) Copy the code from the Page::print function in your current layout.
5) Paste the Page::print code from your current layout into the new code below, and then paste the entire thing into your new theme layer.
6) Edit your current style to use the new theme layer you just created.
Seriously, don't rely on this for any kind of security. Obscurity is not security. At best this technique only hampers the efforts of somebody who has stumbled across your journal. If somebody wants to read something you've posted publicly there's no way to stop them. For instance they could sign up for an account, or log in with Facebook, Twitter, Google, or OpenID. They could add ?format=light (for instance) to the end of the entry URL that they were directed to. They could visit the friends page of one of your friends and read your public entries there. So please, don't rely on this for security in any way.
1) Identify current layout and theme.
This is pretty easy. Visit Your Styles and you'll find a list of every style you've ever used. Your current style is listed in bold, with the Use button greyed-out. Click on Edit and you'll be taken to a page that lists the layout and theme names and numbers (if any). Note these down.
2) Create new theme layer.
Go to Your layers and scroll to the bottom of the page. Under the heading that says "Create layout-specific layer" choose "theme" from the Type dropdown and choose your current (as noted in step 1) from the Layout dropdown.
3) Copy the contents of your current theme into the new theme layer.
This is a two-tab step. In the first tab, open up the new them layer you just created. It'll be listed among all your other layers on Your layers, it'll have none as a name, and it'll have the largest number of any of the other listed layers. When you've found it, click on the edit button. Delete any code that is currently in the editor.
In the other tab you're going to find the contents of your current theme layer. If your current theme (as noted in step 1) only has a name, then you need to find it under the children of your layout layer on the Public Layers page. For my example I started with Expressive, and Subway Black, so the original theme layer is here. When you find the page for your original layer, click on "Raw Source Code" and copy the entire contents of the next page.
If your theme layer from step 1 had a number attached you can find the code by following this link: http://www.livejournal.com/customize/advanced/layersource.bml?id=##### substituting the number you wrote down for #####. Copy down the entire contents of that page.
Now, back on the first tab paste the code you just copied into your new layer. Press "Save & Compile", just for safety.
4) Copy the code from the Page::print function in your current layout.
Now head back to the second tab and the Public Layers page. Click on the name of your current layout and then click on "Raw Source Code". Again, in this example I'm using Expressive so I'll end up here. Use the find function of your browser to look for "function Page::print" on the page. That's the function of the layout that creates the final page view whenever anyone asks to see a page in your journal, and that's what we'll be replacing. What you need to do here is copy everything from between the curly braces ({ and }) associated with that function. The opening curly brace is the one immediately following the closing parenthesis, and the closing curly brace is the one immediately before the next mention of the word function. In most layouts, the closing curly brace is the one in the very first column.
5) Paste the Page::print code from your current layout into the new code below, and then paste the entire thing into your new theme layer.
Paste the code you just copied into the code snippet below, placing your code between the " # Original function code goes here" and "# END ORIGINAL FUNCTION CODE" lines. Then, past the entire collection of code into your new theme layer back on tab one, taking care to place it after all of the code you copied over in step 3. Make sure you press "Save & Compile".
Take a look at my finished example theme layer to see how yours should look.
function Page::print () {
if (viewer_logged_in()) {
# Original function code goes here
# END ORIGINAL FUNCTION CODE
} else {
"""
Error 401!
Error 401!
Sorry, the service is currently unable to authenticate the session. The page you requested is unavailable at this time. Frank has been chewing on the wires again.
Use the links to access more options:
- LJ Home
- FAQ
- Site Map
- You can also check LiveJournal's current status
LiveJournal
""";
}
}
6) Edit your current style to use the new theme layer you just created.
Finally, go back to Your Styles and click on Edit next to your current style. Under the theme dropdown you should find a new entry at the very bottom that has both a name and a number. Choose it and click on Save Changes.
If you've done everything correctly you shouldn't see any changes to your journal style while you're logged in, but if you log out you'll see what looks like an LJ error page no matter what page you try to visit.
Do not rely on Security through Obscurity, it is not foolproof and it can be beaten by a determined attacker.