Protecting Node.js-based JavaScript Applications

Online Masterclass

JavaScript was born as a script language for dynamic websites in the infancy of the Internet in 1995. Today’s JavaScript is a different beast altogether, as it has matured to a language of choice for desktop and server applications – one more reason for its popularity, currently ranking 7th in the TIOBE index of popular programming languages. For server and desktop applications in particular, JavaScript now does far more than simply displaying interface elements. In many cases, even the most sensitive and precious operating logics of applications are realized in JavaScript.

Straightforward server applications offered as Software-as-a-Service usually have little need for licensing or added protections. But stable Internet connections are not a given, even in today’s hyperconnected world. The recent 7-hour outage of Facebook, WhatsApp, and Instagram showed the world how fragile the digital infrastructure can be. Clients and users need an option to run mission-critical applications in private clouds, on edge devices, or even completely on-premises. JavaScript can accommodate all these scenarios without the applications needing any rewrite. However, new software protection and licensing concerns need to be addressed if this route is taken: While server applications were safe and sound in their maker’s own data center, where one only had to keep track of the number of registered users, now applications are let out “into the wild”, and JavaScript’s very nature makes it easy for skilled attackers to remove or get around license checks. Unless you add AxProtector JavaScript.

Most server or desktop applications worth to be protected are based on Node.js, which is the standard use case AxProtector JavaScript was designed for. Like its siblings AxProtector Windows, Linux, macOS, Android, .NET, Java, and Python, AxProtector JavaScript is made to operate “in the wild” and to guarantee top protection by encrypting the executable code and optionally integrating license checks right in the application itself. The protected code is only ever decrypted when it is actively being used; code not needed at any given point remains encrypted and cannot be extracted from the host computer’s memory.

You can even encrypt separate parts of your code with individual licenses and cryptographic keys for a more granular and modular protection of your software. With modular encryption, you can deliver your applications will all features onboard, and allow your users to activate and use the features they need by buying additional licenses.

Join our masterclass and see how to protect Node.js-based JavaScript applications automatically and which packages you need to deliver your software.

Access the Recordings 

German access
English access

Here is the list of content we are going to delve into:

  • Ways to protect JavaScript applications
    • Encrypting by transforming JavaScript into a native exe-file with Electron and using AxProtector Standard
    • Encrypting the JavaScript code
  • Use cases
    • Protecting entire applications
    • Adding modular protections (features-on-demand)
    • Subscription models
    • Pay-per-use models
  • Requirements and best practices

Our webinar will show you how to protect from reverse engineering the know-how you have invested in your JavaScript applications and how to turn that investment into profit with the power of CodeMeter.

Do góry