I have a client who will be licensing an ASP application from me on a monthly basis. Unfortunately, the terms of the contract specify that the app must be installed on THEIR internal web server.<BR><BR>What&#039;s the best way to set up licensing and expirations of the application, that is resistent to casual hacking or reverse engineering by their own internal programmers?<BR><BR>(no, not interested in using MS VBScript Encoder -- bad bad, too many crack utils out there).<BR><BR>I thought of using ASP.NET and setting up a licensing server on my server at home, but I cannot guarantee connectivity and could get in a whole legal mess if my server or connection goes down and they can&#039;t validate.<BR><BR>Perhaps one idea is something along the lines of a COM that is required for the app to run. The customer is issued a unique key. Using the key, I encrypt an expiration date which I email to the customer to enter into a database field after they pay their monthly license. The COM will use the key and the encrypted date, and resolve to a valid expiration date and allow the app to continue. This raises the question, how can I make a COM required for the app to run, without moving all the ASP code into the component? Otherwise, one of their programmers can just hardcode a valid return date instead of calling the COM.<BR><BR>Any suggestions on doing this, or any other ideas?<BR><BR>TIA,<BR><BR>Scott<BR>scott@scottkeen .com<BR>