Prevent scam [Custom plugins]

Discussion in 'Plugin Development' started by Maximvdw, Jan 15, 2014.

Thread Status:
Not open for further replies.
  1. Offline


    Dear developers,

    I have made around 50 custom plugins so far. Most of the times the customer pays when they
    like the plugin, but I've had a few that requested a test first, but then did not pay. (however they are using the plugin).

    I was reading a FAQ of someone else who develops custom plugins. He said that the plugin stops working and deletes itself after X days.

    My question: How can I create a test plugin for a customer that will be deleted, non-working after X days.

    - How can I obfuscate my java code so it's harder (especially for a non-developer) to decompile.
    - How can I stop the plugin (and erase) after X time. I don't want it to stop, but work again after the server restarts, so it has to save it somewhere. Would I do this locally or remotly?
    - Are there any API's available that are focused on creating 'trial' java software.

    Best Regards,
  2. Offline


    Code is code. It's not possible to make it non-decompileable.
  3. Offline


    In order for the plugin to be deleted you would need to spawn a background process which waited until the jar file was unloaded and then would delete it. but if the directory is read only you would not be able to delete it.

    to obfuscate your code you can change variable names, class names, mix it up random string names - put large gaps in code. this will just make it a headache to decode and normally put off 85% of people from reading it.
  4. Offline

    1Rogue Retired Staff

    It's better to just middleman, or if you really want to demonstrate that it works first (to the customer) by demo'ing it on a local server, and then ask for payment. You build a reputation through projects you've done previously, so you need to give a little to get (so to speak).
    Garris0n likes this.
  5. Offline


    Idea I have been toying with for my plugins - create 2 plugins, the one on trial (program A) and a secondary one which is the shutdown (Program B).

    Make A depend on B through plugin.yml and in code. Then in project B create a start date and duration (or just an end date), at the end of allowed time B unloads A from the server and deletes it thus bypassing the normal when its active its locked. The user is left with B which does nothing, if they reload a copy of A on the server B is required and would remove the plugin straight away.

    To stop people decompiling your code and editing out the lines, make it difficult to find and make it seem like its part of the main program (integrate it with something so if they delete that section they would delete the main functionality of the plugin). only an expert programmer (or very experienced) would be able to delete the relevant code (only if you hide it good enough). And an experienced programmer isnt likely to ask someone to do something he can do himself. thus protecting your code.

    This is an idea ive had for my plugins and i share it with you to help as i know how it feels when they "steal" the code.
  6. Offline


    To obfuscate plugins -

    I'd suggest adding a disabler to private plugin buyers that seem sketchy.
  7. Offline


    Thats what he was talking about but the question is how to do it as the plugin can not delete itself when its running... hence the problem
  8. Offline


    Run a check when the plugin enables to a pastebin link you made, if you said "true" in the pastebin, it'll enable, if you said "false", it'll disable, kind of how pogostick had it. :p (I'd also suggest to automatically reload the server if you change it to "false", because it wont disable with out a reload or a restart)

    (It's a great way to deal with scammers, then you can easily edit the pastebin to "false" and it'll be disabled.)
  9. Offline


    This is a great idea but for someone like me it is really easy to bypass that method (Im not telling you how so this information is not put into public knowledge).

    Disclaimer: I do not steal other people plugins or edit them without their permission. I do this for my DEV team to make sure that the plugins they make cannot easily be bypassed.
    MrInspector likes this.
  10. Offline

    TnT Retired Staff

    Selling or purchasing of plugins can be really difficult, especially when you are not dealing with a known reputable business entity. That said, since these forums strictly prohibit the purchasing or selling of goods and services, this kind of discussion is best left to take place on forums that do allow that kind of interaction. Locked.
    MayoDwarf and Garris0n like this.
Thread Status:
Not open for further replies.

Share This Page