Combating Nulled and Pirated Scripts Providers: How Can Envato and the Author Community Help?

Hi everyone,

I’ve been noticing a growing number of sites and forums that distribute nulled or pirated versions of scripts from CodeCanyon. This is a significant concern for developers and authors who put in a lot of hard work to create these products.

I’ve identified a long list of sites that are providing these nulled and pirated scripts.

I believe that if we come together as a community, we can take effective steps to combat this issue. Here are some of my thoughts on how Envato and the author community can help:

Legal Action:

DMCA Takedowns: Envato can file DMCA takedown notices to hosting providers and search engines to remove infringing content.
Cease and Desist Letters: Envato’s legal team can send cease and desist letters to the operators of these sites.

Enhanced Security:
Licensing Verification: Implementing strong license verification systems within the software can prevent unauthorized use.
Obfuscation and Encryption: Authors can obfuscate and encrypt their code to make it more difficult to pirate. (this is most important)

Community Reporting:
Encourage Reporting: Authors and users should be encouraged to report sites that host pirated versions. Envato can have a dedicated reporting mechanism for this purpose.

Value-Added Services:
Support and Updates: Emphasize the benefits of purchasing legitimate versions, such as access to support, updates, and new features.

I strongly believe that addressing this issue is also part of Envato’s responsibility. By working together, Envato and the author community can better protect our intellectual property and ensure that creators are fairly compensated for their efforts.

I would love to hear your thoughts and suggestions on this issue. How can we, as a community, better protect our work and ensure that creators are fairly compensated for their efforts?

Looking forward to your insights and discussions!

Best regards,
Chirag Jagani

3 Likes

Hi @corbitaltech. Thanks for putting that list together! It looks like your post was caught in our filters, but I’ve just removed links to specific sites - we don’t want to drive any more traffic to pirated content, so we won’t publish null/pirate links here.

On the DMCA front, authors are the copyright holders for their content, and so we can’t lodge takedown notices on your behalf. For anyone who isn’t familiar with it, there’s more information on the DMCA process here - including templates that you can use yourself.

It’s a great discussion to kick off though - thanks for getting it started.

Don’t worry about it, those people are targeting “Elements” items now. When it starts to hurt Envato, they will take an action.

It’s just you and me in this community for this topic; no one else is responding. Despite there being over a thousand authors, it’s baffling that the community offers no support. I haven’t understood how this community works for decades. Envato’s team needs to make numerous upgrades and changes, but they’ve neglected to fulfill any of them for a long time. File a DMCA. How can anyone consistently file a DMCA? What is the process that took 15+ days (I already tried)? What are the benefits here as the author? Why are they not making a system for the excusive elite or power elite Budges? (The author can do something.) Let’s leave that aside and focus on development or your team because the platform community isn’t supporting us. True change is only possible if all authors come together; otherwise, everything is flawed or just exists without purpose. I hope you understand. Thanks

1 Like

Hurt, Envato? Are you sure? You can now use Envato/Shutterstock, please!

@cscode_tech agree with you.

@BenLeong Thank you for insightful reply and suggestion.

In my own analysis of the Envato APIs for license verification, I have a specific query:

  1. License Verification and Domain Usage:
  • I’ve done some analysis of Envato’s APIs regarding license verification. My main concern is ensuring that a buyer can’t use the same purchase code for different domains or subdomains.
  • Query: How can we check whether a buyer is already using a purchase code on a specific domain or subdomain? Is there a reliable method or best practice within the Envato API framework to enforce domain-specific usage of purchase codes?

Preventing the same purchase code from being used on multiple domains is crucial for protecting our intellectual property and ensuring fair use of our products.

Thanks.

2 Likes

As in war-ez website would start to gain more advantages, Envato may take an action for “take-down” notice. As I see, some offers for 6$ annually everything you could download and once the item is on Elements, the next day, it’s already on those website.

@corbitaltech
They are not gonna implement any system. You gotta solve your own problem by yourself.

1 Like

Hi,

I suggest developing your own system to maintain the license and installation domain. It should store both, along with additional required details such as the purchase date, support date, etc. You can then create an API to communicate with both the Envato API and your product.

Implement an installation wizard in your script that prompts for the item purchase code. Once you validate the purchase code, store it in your system along with the domain name.

This way, you can prevent users from using the script on unauthorized domains.

There are already scripts available in the market if you prefer a ready-made solution. I am using one of them, and it works quite well.

Regarding the important JavaScript files in your script, you can obfuscate them. When a user requests the original files, you can ask for their purchase code.

I hope this helps.

2 Likes

You are not allowed to do it within Envato marketplace and its policy.

2 Likes

I understand, but if the source is requested and you don’t deny it, that’s acceptable.

1 Like

No. You can’t do it. It has to be open-source

1 Like

Open source to let people pirate it? Authors need to protect their scripts on their own.

2 Likes

You can’t do it within Envato marketplace. If you wanna do it, you have to sell it on your own…

( Same for CodeCanyon / coding )

General Requirements

Themes must not obfuscate or hide code in any way, including through the use of base64 encoding.

I’m not sure if you’re a new author or not, that has been a problem since the beginning of the time and if you’re doing it so far, you’re ignoring/violating the Envato policy, you’re just lucky that you haven’t been reported.

Hi, I know that and I’m not doing it.

You’re well-inform about the policy, you’re not doing it but you’re suggesting for someone else to do it. It doesn’t make sense.

He is asking for it so I’m just suggesting a way. He is an author so he must know the policies.

Not a recent post, but surely the Topic is very current for everyone…

A dedicated system between your server and your copy of your product is essential. And it also has some additional benefits, including the automation of various aspects of your code.
Personally, I have little faith in the Envato API, so I created my own; these are the highlights of the process.

The system I use is redundant.

To get started, the compressed file that I distribute at the time of a sale contains a unique license code. When installing the product, it is used along with other data such as the installation url, date, a secret key, version of the script, etc.; this data is recorded on our servers and returns a hash that will be used to continue using the script.

This allows you as an author to track sales and installations (without requiring personal data). If with the same code, further installations are attempted, you can easily trace the first copy/buyer and investigate… but in any case, the process would block.

Since I also use this ping system for updates and upgrades, if a copy is pirated, and not consistent with the data in my possession, the system blocks. No updates, no upgrades, blocking of the api, etc.

You do not need to obfuscate the code.

You can obviously also further increase the data crossing or create temporary tokens that require constant validation. The solutions, if you want, are there to limit the problem.

I hope this helps. :heart_hands:

2 Likes

Thank you for sharing. We are taking a similar approach and developing our own licensing portal to automate these processes. Some parts have already been completed.

1 Like

We are following the method provided by envato. Till now we have removed DMCA to 100+ websites. All of them are only people who have downloaded and installed from pirated websites. Most pirated websites use cloudflare to hide the original ip address. We have also contacted cloudflare and obtained the original ip address and are making a DMCA report to them as well.

All this process is a long time process, so we have time to do it. We have formed a group called DMCA and are working on this.

We are able to do this with our own license verification system using the Envato API.

Note:
The reason most people told us to download and install from pirated websites was for testing purposes or to see how it works before buying. But it is worth noting here that our codecanyon product page has a demo site.

1 Like