Whitelist domains where the widget can be used. At the moment everyone can steal the widget code and add it to they’r own site, without needing to pay for it.
1 Like
Folks, our former Wishlist portal, where our users shared their requests and suggestions, was transferred to this forum. You’re most welcome to vote, add new ideas, and leave your comments here — we surely will consider them all! 
Original Votes: 4
Original comment from Philip Matthew transferred from the previous Wishlist portal:
How can we protect our widget from being copied by others? It’s easy for someone to use “view source” in a browser to grab the script and use it on unauthorized websites. Up to this day, there is no security measures that only allow the widget to work on approved domains? Many providers already use this kind of feature. The RSS feed app that pulls in news could be at risk if someone simply steals the code and adds it to their own site.
1 Like
Thank you for your comment, @user17031!
I’d like to reassure you that, up to this point, we haven’t encountered any cases of unauthorized use of widgets being reported by our clients. However, if you ever suspect any misuse or face an issue, please don’t hesitate to reach out to our support team, we’ll be happy to provide a custom solution.
Thanks a lot for sharing your thoughts!
It happened to me and I reported it to elfsight @Helga (I have the chat history if you need it). In our case a large number of spam sites scraped the entire HTML of our website and created websites which included the elfsight widget.
1 Like
Thank you for sharing, @user8433! I’ve found your support ticket and see that you indeed had issues with spam domains. Although we were not able to provide a solution back then, I believe that with the Custom JS option now available, we can address this on an individual basis.
That said, our support team would be happy to assist with domain restrictions. Please feel free to contact us if you experience issues of this kind 
Thanks for the comment, but I couldn’t help but notice that someone here mentioned and has already reported unauthorized use issues. That makes me question how the reassurance really is.
@user17031, that does sound like a really unfortunate experience, but I’d like to point out that it was more of an exception — probably the only case we’ve ever had. It’s highly unlikely that someone would need to place another person’s widget with their content on their site, and I honestly can’t recall any similar instances.
If you ever run into such an issue, though, we’re happy to help on an individual basis by providing a script to restrict domains.
All in all, I’d say there’s no need to worry about using our widgets, and our team is always here for you if anything comes up 
1 Like