Solved

Limit Javascript to an authorized domain

Posted on 2014-10-22
39
212 Views
Last Modified: 2014-12-12
How  can I provide some JavaScript to a client for their website and ensure this code will not run under any other domain?    This is already done by Google Maps and Facebook and probably more..

The javascript will call my page, likely create an iFrame or ? and display information from my servers.

What I am trying to figure out is how to restrict it so if someone takes the javascript to another website, it will not work.     Each site we give the code to has to have a valid subscription for a particular domain.
0
Comment
Question by:gdemaria
  • 15
  • 9
  • 8
  • +2
39 Comments
 
LVL 58

Expert Comment

by:Gary
ID: 40397091
There is nothing you can really do.
You can pass the url of the page from your js and/or check the referrer

Won't make much difference to the hardened criminal
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 40397141
As Gary says not much you can do - if the browser can get it so can anyone - they can save it and use it.

Here is my take on it though - millions has been spent on trying to secure software - with differing amounts of success (failure). Personally I think it is time for the trust model to start taking root - there will always be people that want to exploit your code - and no matter what you do they will find a way.

Put in a robust license agreement and then if you come across anyone using the code you have means to request that they either destroy their copies of it or pay for it.

Here's the thing - that which makes the code easy to copy also makes it impossible to hide that is what you have done. Unless this is going to be used for an internal process then very few self-respecting website owner is going to want to have to deal with copyright violation.

The upside is if people are copying your code you have a winning product - the more people use it the more successful you are - just a case of managing the copying so that you profit financially from it.
0
 
LVL 58

Expert Comment

by:Gary
ID: 40397170
Something else you can do (again not 100%)...may depend on your setup if you can do it.

Do not include your js directly but instead have a small script that calls/loads your main js - check the IP of the calling server and check it is authorised.
In the main js include a changing variable, could be an hash key or something
In all requests to your server include this 'key' and check it's correct.
Even if someone just copies the main js directly to another site the key would never work on another site.

(think that makes sense)
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40397275
Thanks for the responses, I should have included that I don't care about 100% absolute security.   As I did mention, Google Maps does it, Facebook does it, so I am just trying to implement something along those lines; since they do it, it must be possible.   I'm looking for help figure out, to that level, what can be done.   We are already having a problem and although we are happy to be popular, they are stealing our information and selling it themselves.   Lawsuits take years and cost a fortune and you can't count on winning.

@Gary, thank you for proposing a possible solution.  If I have a changing various in my server side code, wouldn't that mean that the javascript placed on the client's server also has to change?  

Anyone know how Google Maps and Facebook is doing this?
0
 
LVL 58

Expert Comment

by:Gary
ID: 40397295
Google analytics does nothing more than send the url of the page. Haven't checked Facebook but probably the same.

This is just some thinking theory...and I don't know what your code is doing...

You have a single line of js that loads the main js from your server, so it never changes.

When the call is made to your server you check the IP of the site, if valid (IP to website check) then send the main js, within which you include a variable, this could be based on the time of the request and the requesting IP so it's not easy to crack.

Any further requests to your server include this key which you can break down to the IP and check if it matches

If someone just takes your main js code and copies it to another server then it won't work as the IP won't match (unless the sites are all on the same server using the same IP)
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40397651
Google Analytics and Google Maps are different things.   Google Maps uses a js plugin in the following form, where API_KEY is a unique key they provide via a console..
<script type="text/javascript"
      src="https://maps.googleapis.com/maps/api/js?key=API_KEY">
</script>

Open in new window

But if you copy this code to another domain, you get an error and the map will not appear.

I don't think it matters what my code is doing, the concept is to detect if the javascript is placed on an unauthorized domain.

Checking the IP address - since the javascript is on my server, wouldn't it determine the IP of my server, not the client server?     If it was on the client server, then they could just type in another IP address instead of the variable.
0
 
LVL 58

Expert Comment

by:Gary
ID: 40397661
Because they are doing a check against the url the key is registered to and the domain the script sends back - it's not high grade security, and this is what I was talking about in the first comment.

You check the referring IP, it cannot be spoofed otherwise your dynamic script loading would fail. It's not 100% foolproof but would stop a lot of stealing.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40397777
..and the domain the script sends back

This could be the essence of the issue.   Since the main Javascript runs on my server, how does it know what domain the small one-line script that launches it is running on?   Can't use referrer as it is often not populated and easily spoofed.
0
 
LVL 58

Expert Comment

by:Gary
ID: 40397800
Even if the referrer IP is spoofed it doesn't matter as your server would then be trying to initiate a connection to the spoofed IP and not the site sending the request

Bogus site makes a request to your server, sends spoofed IP of real site e.g. 189.11.22.33 even though the bogus site's real address is 154.85.86.45
As far as your server is concerned the connection is from 189.11.22.33 and will send it's data to that IP and not 154.85.86.45
0
 
LVL 11

Expert Comment

by:Murfur
ID: 40399756
Begs the question what your script is doing that is so sensitive... :)

Tricky one - as Gary and JulianH have already stated - once the script has been called into the browser it is effectively public domain and free to be used & abused so the third party only needs to make a valid access once in order to get the file.

Options:
1. restrict access to the site, IP restrictions or logins etc. or
2. restrict access to the page containing the script
3. Nothing! There is no third thing...

Whether 1. & 2. are viable will obviously depend on the client's site requirements and as for 3., well maybe there is a third thing...

I'm talking about loading a script via AJAX - I encountered this a while back and thought it was a good idea but couldn't see any application for it at the time. Whether it works or not here rather depends on your script.

Basically, you make an AJAX call and assuming a valid domain/host has been detected, you then use .eval() to trigger the script contained within the response.

You can verify the source server side or client side; I have done both in my example. Remembering that the script lines get processed in a linear fashion you can then remove the loaded script after it has completed its function, effectively hiding it again. Again, this could be in the AJAX call or in the response.

As I said, whether it works at all or is practical in your application remains to be seen.

Working demo here that loads a script to fade out the blue box if successful. Add ?host=something to the url string to trigger the failure

http://www.murfur.com/experts-exchange/Q_28542362_hide_script.php


main page
<?
$host = FALSE;
if(isset($_GET['host'])) {
	$host = $_GET['host'];
}
?>

<!DOCTYPE html>
<html lang="en">

	<head>
		<meta charset="utf-8" />
		<title>Experts Exchange Q28542362</title>
				
		<script src="jquery/jquery-1.11.1.min.js"></script>
		
		<script type="text/javascript">
		    function getScript() {

				var this_server = window.location.hostname;

				if(this_server === "www.murfur.com") {

					$.ajax({

						url: "Q_28542362_ajax.php<?=($host?"?host=".$host:"")?>",
						success: function(response) {
					
							$("#output").html(response);
							$("#output").find("script").each(function(i) {
								eval($(this).text());
							});
							
							// clear loaded script
							$("#output").html('');
						}
					});

				} else {
					$("#output").html("Client side detection: Invalid host, nothing to load");
					alert("Host name detected: " + this_server);
				}

			}
		</script>
		
		<style>
			#output{
				font: bold 1em/1.5em "Helvetica Neue", Arial, Helvetica, Geneva, sans-serif;
			}
			.box {
				width: 100px;
				height: 100px;
				margin: 10px;
				display: inline-block;
			}

			#one {
				background-color: red;
			}
			#two {
				background-color: blue;
			}
			#three {
				background-color: green;
			}
		</style>
	</head>

	<body onload="getScript();" >
		<div id="output"></div>
		<div id="one" class="box"> </div>
		<div id="two" class="box"> </div>
		<div id="three" class="box"> </div>
	</body>

</html>

Open in new window

AJAX page
<?
$server	= $_SERVER['SERVER_NAME'];

if (isset($_GET['host'])) {
	$server = $_GET['host'];
}

if ($server == "www.murfur.com") {

$response = <<< SCRIPT
	<script>
		$('div.box#two').fadeOut(1000);
		// remove self
		$("#output").html('');
	</script>
SCRIPT;

} else {
	$response = "Server side detection: " . $server . " = invalid host, nothing to load";
}

echo( $response );
?>

Open in new window

0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40402853
Hey GD...

is it the JS code itself that you're concerned about or the interaction of the JS with your server side service?
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40402870
Hey Sid,
It is the latter.   The javascript on the client is just a short bit that would call js on my server which would then produce content for the client site.   I do not want the content to appear if the site the bit of js is on is not authorized.   Google Maps does this, you register the domain, they provide the js code, but you cannot copy this same code to other websites, if you try it will tell you that the code is not authorized to run on the other domain.  That's what I am looking for.   How would the js code on your server know what domain the js bit is launched from?  (not using referrer).
Thanks!
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40402955
So I may be thinking about this wrong. But here goes.

cgi.http_referrer sucks yes but cgi.remote_addr seems to work pretty much all the time.

I would look at creating an API key by hashing the IP of the client on registration. Then add that code to their bit of js ala google maps.

Have the script call a check  via a cfc webservice to compare the API key sent, the cgi.remote_addr and the auth table, set a session auth variable

Store your "sensitive" js code as a cfm file topsecret.js.cfm and cfinclude it based on API authentication. This way only authenticated users from a valid IP will have it pushed to the client side.

Top of my head on my lunch break but I think it would work?

fyi google auth notes here: https://developers.google.com/maps/documentation/business/places/auth
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40402965
...obviously doesn't prevent IP spoofing but if they're going to that length, there's not much you can do except call a lawyer.

hmmmmm...On further thought That may not work. remote_addr will be the "client client" ie the client of your client who is running the js. (or is it?)
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40402986
Sid, thanks for a thoughtful response.

I am wondering what value would be present in the cgi.remote_addr  variable.  Wouldn't it be the end-user's IP address rather than the IP address of the client server?

Our Server              ======>   Client Server            =============>   End user PC
-delivers content                       - small js calls Our Server                      --- views website
  to client server                          and display our content                          
  if authorized
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40402997
Just saw your post.   Agreed.

if js on MY server could determine the domain of the website it was called from (Client Server) that could be used to compare with the hash...
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 40403015
if js on MY server could determine the domain
Can you elaborate on what you mean by JS on your server?
Usually javascript is downloaded to the client and interacts with other code on the server - so unless you are running something like node.js - how are you interacting with JS on your server?

I understood your situation to mean you were loading scripts from your server
<script src="myscript.js"></script>

Open in new window


And you wanted to protect this script - or did I miss a step.
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40403035
actually in that set up it's easier...I think

your middle man client server isn't actually running the JS right?, just passing the snippet to the end user.

If that's the case then all you need to do is hash the IP of the server because it is actually the one making the call to -your- server right?

end user loads script from middleman server and does whatever it does to initiate the transaction, middleman server does webservice call to the auth api and if auth is ok, then passes the "sensitive" JS & related data back to the end user

or not...
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40403080
My company provides some data for our client's to display on THEIR website.   This is similar to how Google supplies maps to others to put on their website.   In this case, "Our Server" is Google (I wish) delivering content (such as the map).   If my client wants to put our content on their website, they would add some some bit of code.   For Google, you would put this code on your website:

<script type="text/javascript"
      src="https://maps.googleapis.com/maps/api/js?key=API_KEY">
</script>

Open in new window


Facebook has a similar bit of code that we can add to our websites to show their content (the LIKE form, etc).
The magic is that if you take the same bit of code and place it on someone else's website it will not work.  It ensure you put it on the website for the domain you've registered with Google.

Note that the js is not sensitive, we just dont' want it to appear on anyone's site who is not authorized for it.  Right now, our client will copy the code and put it on 10 different domain names even though it's only authorized for one.  So the entire jist of this is to prevent loading the content on an unauthorized site, not to hide the js or like that.

Hope that helps, and I appreciate that we are getting into the meat of this with some good ideas!
0
What Is Threat Intelligence?

Threat intelligence is often discussed, but rarely understood. Starting with a precise definition, along with clear business goals, is essential.

 
LVL 39

Author Comment

by:gdemaria
ID: 40403086
So Julian, to answer your question directly..

Can you elaborate on what you mean by JS on your server?
Using the Google analogy, my client would put a bit of code on their website like this...
<script type="text/javascript"
      src="https://maps.googleapis.com/maps/api/js?key=API_KEY">
</script>

But the code that's running is on the googleapis.com site (which would be MY server)
      src="https://maps.googleapis.com/maps/api/js?key=API_KEY"

I am very flexible to how this is done, but it seems that Facebook and Google both give a little bit of js for the client webserver... but the js that is doing all the work is called on the googleapis.com site...
Thats' what I mean by the js on MY Server... as we only give the client a snippet and the rest is on my server
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40403136
But Julian is correct no?...your client's server isn't actually doing anything with the jS...except pass it to the end user. JS is strictly client browser stuff


end user 1st request from middleman loads basic page & JS
end user 2nd request triggers ajax to middleman server user data request  to middleman server webservice cfc
middleman server cfc passes request on to your server via second webservice call.
Here i would have the api key stored in an ini file on the middle man server. Read it an pass it to your server as part of the 2nd service call. Authenticate the api key with the cgi_remote_addr of the second WS caller (ie: middleman server)
If authenticated, pass the data & authYN back to middleman, who then allows access to the JS (via cfinclude) and passes it plus the data back to the end user.

This way the end user isn't being authenticated, it's the middleman server. In this case, you don't even need  an end user script for this.

I'm not entirely sure this would work but seems like it should
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40403160
If you can't set an .ini value, passing the api key from the end user to the middleman server and then on to your server would still work as long as you verify the has of the IP of the middleman server. It's a little less "secure" but I imagine that's what google is doing. I expect probably only with domain rather than ip although they may do an IP lookup on signup.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40403175
Authenticate the api key with the cgi_remote_addr of the second WS caller (ie: middleman server)
I think this continues to be the target issue.   How can we identify what is the domain of the client's server?    The CGI variables all indicate the end-user's PC.
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40403194
I guess it depends... if the end user calls your server directly, then yes, however if the middleman server does the call then no.

I'm assuming your client sites are running CF code you've provided. Or is that wrong?
0
 
LVL 36

Expert Comment

by:SidFishes
ID: 40403208
I guess it depends... if the end user calls your server directly, then yes, however if the middleman server does the call then no.

I'm assuming your client sites are running CF code you've provided. Or is that wrong?
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40403512
I guess it depends... if the end user calls your server directly, then yes, however if the middleman server does the call then no.
Hmmm, I'm not sure what this means.  We know that javascript is runs on the end user browser, but the code is placed on the Client Server.   Just like we would embed a YouTube video.   So it is the client's server that we are validating.   When the user goes to the client's server website, it runs under a certain domain, if that domain is authorized it runs, otherwise it does not.

I'm assuming your client sites are running CF code you've provided. Or is that wrong?
No, we have no idea what the client server is running, including whether they are running jquery or anything else.   Any code I need to display the content has to be included by the script I give the client.
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 40403623
<script type="text/javascript"
      src="https://maps.googleapis.com/maps/api/js?key=API_KEY">
</script>

Open in new window

Means download and run locally in the browser. Has nothing to do with the server - may call server code which could be PHP, C#, VisualBasic, Perl, Python, Java, Ruby - maybe even Cobol - but whatever it is it is not visible to the client ....
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40404095
Not sure why we are are going down this tangent of where javascript is run, it is just distracting us from the mission at hand.    The code snippet will be placed on the "client server" on their website www.acme.com.   If acme.com is authorized to run the script it will run and the content from my server will appear.  If it is not authorized, the content will not appear.   This is possible because google maps does it.
0
 
LVL 51

Accepted Solution

by:
Julian Hansen earned 250 total points
ID: 40405862
Not sure why we are are going down this tangent of where javascript is run, it is just distracting us from the mission at hand
Probably has something to do with your opening question
How  can I provide some JavaScript to a client for their website and ensure this code will not run under any
other domain?  

Google Maps is not really a good example as I see it. Google Maps allows a developer to add a Google maps API to the developers page and anyone who views the page gets access to the API - i.e. the map, markers, directions etc get shown.

The restriction imposed by Google Maps is the usage - i.e. how many views per / day / hour the website is going to generate - if this is above a certain limit then Google will throttle (control) access to the API.

As I understand your question you want to protect the IP of your code so that only certain people can make use of the code

The question is - where is the IP that you want to protect?

Is it on the server or is it in the javascript that is downloaded and run in the client.

From some of the discussion it has seemed that you want to protect the javascript component - in others the server component. I suspect that this in conjunction with some misunderstandings on how javascript works might have created some confusion around this topic.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40406219
I want to do what Google Maps is doing, anything else is just confusion.   I would like my client to place some javascript on their server

Google Maps allows a developer to add a Google maps API to the developers page and anyone who views the page gets access to the API - i.e. the map, markers, directions etc get shown.
Yes, this is what I want to do.   The API is added by embedding a bit of js code on the developers server.  That is what I want to do.

The restriction imposed by Google Maps is the usage - i.e. how many views per / day / hour the website is going to generate - if this is above a certain limit then Google will throttle (control) access to the API.
Yes!  And they also can prevent the API from running if placed on an unauthorized domain, that is what i want.   I will be logging usage, although not throttling down the usage.  


As I understand your question you want to protect the IP of your code so that only certain people can make use of the code
No, this is not my objective.   I do not want to restrict by user and I do not want to use IP.   I am trying to do what Google maps does and trying to do so by the domain (website) the API is running on, just as Google Maps does.
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 40406303
IP = Intellectual Property
And they also can prevent the API from running if placed on an unauthorized domain
This is where you loose me.  The code (javascript) can be downloaded from another domain - but it will still run local.

Let's take an example - on of my sites has the following
 <script type="text/javascript" src="http://maps.google.com/maps/api/js?sensor=false"></script>
<script type="text/javascript">
...
	var myOptions = {
		zoom: zoom,
		center: ctlatlng,
		mapTypeId: google.maps.MapTypeId.ROADMAP
	};
...	
	map = new google.maps.Map(document.getElementById('contact-map'), myOptions);

Open in new window

I can take the code that is downloaded as part of the maps.google.com/maps/api/js?sensor=false - save that to a file called gmaps.js on my server.
I then change my script include to
<script type="text/javascript" src="js/gmaps.js?sensor=false"></script>

Open in new window

The code still works - what am I missing in terms of what you want to do?
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 40406310
Sample online here http://www.marcorpsa.com/ee/e048.html
View source to see where Google Maps API is being loaded from
0
 
LVL 36

Assisted Solution

by:SidFishes
SidFishes earned 125 total points
ID: 40406961
I've probably sent this down the rabbit hole a bit but

Our Server              ======>   Client Server            =============>   End user PC
-delivers content                       - small js calls Our Server                      --- views website
  to client server                          and display our content                          
  if authorized

The thing that's confused me is the "delivers content to client server if authorized".

Can you clarify

Based on a request from an end user, your client's server is getting the data from your server. This client's server then passes that data back to the end user.

OR

End user gets script from client server. End user requests and receives data from your server (bypassing your client's server)

If it's option 1 then what I've suggested should work, if it's option 2 then it wouldn't.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40407028
By "delivers content to client server" I simply mean the same way facebook puts its' LIKE button on your website or the way Google Maps puts it's map on your website or the way you can embed a youTube video on your website.  the content doesn't come from YOUR website, it comes from Youtube, Facebook or Google.

I must be so bad at explaining this.  We must be over thinking it,  I am sure you guys do this all the time.  Another example, If you go to a YouTube video and click "Embed" it will give you a block of code to put on your website.  Take that code and put it on your home page and when the user views your homepage, he will see the video.  

So, yes, this one ...
Based on a request from an end user, your client's server is getting the data from your server. This client's server then passes that data back to the end user.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40407040
@Julian, I found it very interesting that you could download google maps and have it work on your server.   I know when I implemented Google Maps by cut/paste their code snippet onto a web page it required me to authorize the website domain (that is, it would not run on another website from the one where I initially registered it).
0
 
LVL 51

Expert Comment

by:Julian Hansen
ID: 40407907
Question

Do you want

a) To restrict the code to run on pages that are only in a particular domain - in other words www.somewhere.com registers for your code - loads it on their site - code only runs if it is on a page from www.somewhere.com?

b) Restrict the download of the code from specific domain - in other words <script src="www.somewhere.com"></script> will work irrespective of what domain is serving the containing page. If code is copied to another domain and <script src="www.anotherdomain.com"></script> script will not work.

I am guessing a) but not clear from the discussion which it is - can you clarify.
0
 
LVL 39

Author Comment

by:gdemaria
ID: 40408227
Option A is correct.    

I will give a small bit of js to our client who owns www.somewhere.com.   On that domain, it will show some content generated from my server.  If that js code is copied to another domain www.someotherdomain.com, the content will not display.
0
 
LVL 51

Assisted Solution

by:Julian Hansen
Julian Hansen earned 250 total points
ID: 40408263
Ok so we are talking about javascript only being able to run on pages that are from a particular domain.

This is where it gets tricky because the javascript request comes from the browser not from the domain - so you could use something like windows.location.host in your callbacks to verify the domain - but that can be edited out.

You could provide a key - but that could be edited out as well

So what you need to do - and this has probably been discussed already - is you need your JS to first download some code that validates the domain (checks windows.location.host against a list of registered domains). This would need some time sensitive key embedded in it to stop the copied JS from simply spoofing the validation. Once validation is done a session key is obtained and used in all future api requests.
0
 
LVL 11

Assisted Solution

by:Murfur
Murfur earned 125 total points
ID: 40408757
Unless I have missed something fundamental, I am a little confused as to why this is going around in circles and you are stuck on the Google API key

The API key is effectively a login password and when matched with the requesting source domain is (was) compared against a database in exactly the same way as a username/password login combo. If the username/password is correct, you get in, so if the source domain/API key were correct, you got the mapping script.

Thus far, I understand that this is the process you wish to mimic.

You can do exactly the same but you don't actually need a key as you are tracking the source domain in the script request. If you want a key, generate one and add it to the script request and source validation.

So apologies to all if I have missed something, but I think I have already answered this with the AJAX above. Or if you don't want to use AJAX, here is the same as a straight script request.

Please note that I use EVAL to trigger the scripts functions.

http://www.murfur.com/experts-exchange/Q_28542362_hide_script2.php

Once again, add ?host=wrongdomain.com to demonstrate the failure

UPDATE: you don't actually need the eval() to call the script in the non-AJAX method
Q-28542362-hide-script2.phpQ-28542362-script.php
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

International Data Corporation (IDC) prognosticates that before the current the year gets over disbursing on IT framework products to be sent in cloud environs will be $37.1B.
This article demonstrates how to create a simple responsive confirmation dialog with Ok and Cancel buttons using HTML, CSS, jQuery and Promises
The viewer will learn the basics of jQuery, including how to invoke it on a web page. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery.: (CODE)
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…

759 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now