Init Content Protector – Lightweight and Powerful Content Protection for WordPress

Version: 1.3 Tiếng Việt

Init Content Protector – Lightweight and Powerful Content Protection for WordPress
24/07/2025 0 36 2 min read
Init Content Protector is a lightweight yet powerful plugin designed to protect your post content from copying, scraping, and browser inspection tools. It runs entirely on Vanilla JavaScript (no jQuery), is performance-friendly, and doesn’t interfere with real user experience.

Key Features

  • JavaScript-based blocking for copy, text selection, printing, and DevTools
  • Full AES content encryption, decrypted on the client via crypto-js
  • Keyword cloaking using span::before, hidden from raw HTML
  • Invisible noise injection (random spans with display: none) to confuse crawlers
  • Select which post types to protect
  • Custom encryption key per site for maximum flexibility
  • Configurable content selector (CSS) for targeting specific areas

Content Encryption with Client-Side Decryption

When encryption mode is enabled, the entire post content is encrypted with AES and only decrypted on the client side using JavaScript. No readable HTML is exposed – only an encrypted payload and loading skeleton are rendered.

This keeps content safe from scraping tools and source viewers, without harming the experience for real users.

Keyword Cloaking

You can define a list of sensitive keywords to obscure. These will be replaced with hidden <span> tags and revealed visually using CSS ::before. The real words won’t appear in the page source or HTML.

Noise Injection

The plugin can randomly inject junk text (fully hidden with display: none) into the content. This helps confuse scraping bots while being invisible to users.

Quick Setup

  1. Download the plugin and extract it to /wp-content/plugins/init-content-protector/
  2. Activate it via the Plugins menu in WordPress
  3. Go to Settings → Init Content Protector to configure protection mode, post types, keywords, encryption key, and content selector

Compatibility & Performance

  • Compatible with WordPress 5.5 and above
  • Requires PHP 7.4 or higher
  • No jQuery – written entirely in Vanilla JS
  • Performance-friendly – scripts only load when protection is enabled

Get Started

Looking for a simple, effective, and flexible content protection solution that doesn’t slow down your site or require custom coding?
Init Content Protector has you covered – keep your valuable content safe without sacrificing user experience.

Download Plugin

Review

5.0/5 (2)

Screenshot

Changelog

  • 1.3 – Fully Decoupled Encryption & JS Protection
    • Separated the encryption system and JS content protection into two independent modules (decrypt.js and content-protector.js).
    • Split script loading into two isolated wp_enqueue_scripts hooks to eliminate cross-dependencies.
    • Renamed the localized JS object for encryption to InitContentDecryptData for clearer responsibility boundaries.
    • Ensured JS protection features (copy-block, right-click disable, print lock, DevTools guard) work even when encryption is turned off.
    • Improved maintainability by loading crypto-js.min.js only when encryption is enabled.
    • Refined initialization order for consistent behavior across all themes and page builders.
  • 1.2 – Role Exclusion & Independent Protection Flow
    • Added an option to exclude specific user roles from all protection layers (encryption, JS protection, noise injection, keyword cloaking).
    • Implemented role-based bypass at both the filter level and asset enqueue level to ensure consistent behavior across the frontend.
    • Refactored the protection pipeline so encryption, JS protection, and noise injection operate independently, preventing unwanted coupling.
    • Improved script enqueue logic by loading CryptoJS only when encryption is enabled.
    • Optimized hook processing to avoid unnecessary filtering for excluded roles or unsupported post types.
    • Ensured clean fallback behavior when multiple protection layers are enabled simultaneously.
  • 1.1 – Inline Script Injection & WP 5.7 Requirement
    • Replaced wp_add_inline_script with direct <script> injection to ensure execution on all pages.
    • Leveraged wp_get_inline_script_tag (available since WordPress 5.7) for safer inline output with automatic nonce/type support.
    • Encrypted payload is always injected early within the content, independent of enqueued script handles.
    • Introduced CustomEvent: init-content-payload-ready so frontend scripts can react when the payload is ready.
    • Prevented duplicate script injection when content filters are executed multiple times.
    • Updated minimum requirement: Requires at least WordPress 5.7.
  • 1.0 – Initial Release of Init Content Protector
    • Introduced a lightweight content protection plugin written entirely in Vanilla JS (no jQuery).
    • Blocks copy, text selection, printing, and DevTools access using JavaScript techniques.
    • Encrypts full post content with AES-256 and decrypts client-side using crypto-js.
    • Obscures sensitive keywords by replacing them with <span> elements rendered via ::before, hidden from raw HTML.
    • Injects randomized invisible noise elements (display: none) to disrupt basic crawlers.
    • Supports selecting which post types are protected through plugin settings.
    • Allows custom encryption key per website – no hardcoded keys.
    • Supports defining a custom CSS selector to accurately target content for JS injection.
    • Neutral fallback styles render well on both light and dark themes without extra theming.
    • Modular settings page with proper sanitization and grouped option storage.
Made with in HCMC.

Other plugins

Comments

  • No comments yet.

Init Toolbox

Press Ctrl + \ on desktop, or swipe left anywhere on mobile.

Login

Forgot password?
Create a new account