DEV Community

Cover image for Disable inspect element - DevTools in your Website
Nguyễn Công Dũng
Nguyễn Công Dũng

Posted on

Disable inspect element - DevTools in your Website

A Website can build with simple HTML / CSS / Javascript. When you published, all source code can see with DevTools of Browser.

What is DevTools?

DevTools is a great tool in the hands of developers and designers for the need to making the development process more productive and debugging easy.

With the Inspect Element on Chrome, you have more power than the traditional web users:

  1. View and change the DOM
  2. View and style CSS
  3. Debug Javascript
  4. Watch network activity
  5. Show Local Storage, Session Storage,...
  6. Optimize website performance
  7. etc...

You can discover that the DevTools can be a serious boost to your productivity. But...

With great power comes great responsibility
— Tom Precious

Why need disable Devtools?

DevTools is powerful for Development, but is dangerous on production environment.
Anyone can see your source code, which means it's not secure. With DevTools, hacker easily inspect, edit, modify your code.

I was access to admin of website by change is_admin variable to true

Besides, he can see when your website get API (Application Programming Interface) and steal API_KEY or exploit information.

Solution

DevTools can't closed completely. But you can make it inaccessible. Launching DevTools in the following ways:

  1. Right-click -> Inspect
  2. Ctrl + Shift + I (DevTools shortcut)
  3. F12 (DevTools shortcut)
  4. Ctrl + Shift + J (Open the Console panel)
  5. Ctrl + Shift + C (Open the Elements panel)
  6. Ctrl + U (View Source-code)
// Disable right-click
document.addEventListener('contextmenu', (e) => e.preventDefault());

function ctrlShiftKey(e, keyCode) {
  return e.ctrlKey && e.shiftKey && e.keyCode === keyCode.charCodeAt(0);
}

document.onkeydown = (e) => {
  // Disable F12, Ctrl + Shift + I, Ctrl + Shift + J, Ctrl + U
  if (
    event.keyCode === 123 ||
    ctrlShiftKey(e, 'I') ||
    ctrlShiftKey(e, 'J') ||
    ctrlShiftKey(e, 'C') ||
    (e.ctrlKey && e.keyCode === 'U'.charCodeAt(0))
  )
    return false;
};
Enter fullscreen mode Exit fullscreen mode

Check out from this Github code.

Top comments (8)

Collapse
 
harshadsatra profile image
Harshad

Neat trick,

Do you have any idea on how to prevent site access, if the user opens the devtools from navigation menu.

Check this website for reference:
mca.gov.in/content/mca/global/en/h...

Collapse
 
sidintechnics profile image
Sid • Edited

here you go buddy.
disable-devtool
Just a side note, by default doesn't work on debug mode, works on release mode. Enjoy

Collapse
 
maheshbasnet089 profile image
Mahesh Basnet

hello can u show me the code to prevent site from navigation menu devtools click?

Thread Thread
 
sidintechnics profile image
Sid • Edited

Just add this cdn on the page where you want to disable the dev-tools. Example if you have a master page then add on the master page.

Login -> MasterPage.

If you add to master page then if someone try to inspect then it will take them to login page.

It didn't allow me to paste the script directly, so I am doing like this:

<$cR!Pt disable-devtool-auto src='cdn.jsdelivr.net/npm/disable-devtool' ></$cR!Pt>

Just replace: $cR!Pt with -> script, on both opening and closing tags.

Since it is a cdn, you can copy and paste the url in your browser and then it will show you the code.

Collapse
 
pvcodes2020 profile image
pvcodes

How to do that?

Collapse
 
kolja profile image
Kolja

You can hack it by:
open DevTools -> goto your "protected" site.

Collapse
 
codetester547 profile image
CodeTester547

Dev tool can be closed completely using Script.
Check this for reference:
How to Disable Developer Tools completely for your webpage?

Collapse
 
andaeiii profile image
Ande Caleb

you can hack this by pressing F12 on the keyboard... use the devtools.js ( devtools.isOpen) functionality to control and restrict access