Encrypting Metadata

system · January 29, 2026, 2:31pm

While declaring real Authors, Sections, and Tags might be a good recommendation from an SEO and EAT perspective, there might be strategic situations where you don’t want to openly expose these values but you still want to be able to track them on Marfeel.

For these situations, Marfeel supports encrypted Authors, Sections, and Tags. When declared as encrypted, the real values will only be visible by Marfeel.

How to Encrypt Values

Publishers can encrypt values using an asymmetric RSA cipher. You can encrypt your text using Public-Key Cryptography Standards(PKCS) with the Padding Scheme Optimal Asymmetric Encryption Padding(OAEP) and transform the result into a base64 string. More info.

Marfeel Public RSA Key

Publishers can encrypt the values with the Public RSA Marfeel Key:

How Encryption Works

Marfeel will extract all the information before ## as the data.

Important: Use always a different random value after ## so the same author doesn't get the same encrypted value on all its articles.

Cipher Code Examples

Here’s a cipher example in PHP:

public function encrypt(string $data): string
{
    $oOpenSSLAsymmetricKey = openssl_get_publickey($this->publicKey);
    if (openssl_public_encrypt($data, $encrypted, $oOpenSSLAsymmetricKey, OPENSSL_PKCS1_OAEP_PADDING)) {
        $data = base64_encode($encrypted);
    } else {
        throw new \Exception('Unable to encrypt data');
    }

    return $data;
}

Here’s a cipher example in Node:

const NodeRSA = require('node-rsa');

const encrypt = async (data) => {
    const clientKey = new NodeRSA(RSA_PUBLIC_KEY);
    clientKey.setOptions({encryptionScheme: 'pkcs1_oaep'});
    
    return clientKey.encrypt(data, 'base64');
};

Here’s a cipher example in Python:

from cryptography.hazmat.primitives.asymmetric import padding, rsa
from cryptography.hazmat.primitives import serialization, hashes
import base64

def encrypt_rsa(public_key_pem: str, data: str) -> str:
    public_key = serialization.load_pem_public_key(public_key_pem.encode())
    encrypted = public_key.encrypt(
        data.encode(),
        padding.OAEP(
            mgf=padding.MGF1(algorithm=hashes.SHA1()),
            algorithm=hashes.SHA1(),
            label=None
        )
    )

    return base64.b64encode(encrypted).decode()

Encrypting Authors

Declaration

The mrf:authors meta can specify encrypted="true":

<meta property="mrf:authors" encrypted="true" content="AiqpEJ+VdfIm9dlXeRND6RD+IdMBF=" >

Example

To encrypt an article with authors John Doe and Fred Doe:

Non-encrypted:

<meta property="mrf:authors" content="John Doe;Fred Doe">

Encrypted:

<meta property="mrf:authors" encrypted="true" content="theOutputOfEncrypting(John Doe;Fred Doe##randomdata)">

Encrypting Sections

Declaration

The mrf:sections meta can specify encrypted="true":

<meta property="mrf:sections" encrypted="true" content="AiqpEJ+VdfIm9dlXeRND6RD+IdMBF=" >

Example

To encrypt an article with sections Politics and Economy:

Non-encrypted:

<meta property="mrf:sections" content="Politics;Economy">

Encrypted:

<meta property="mrf:sections" encrypted="true" content="theOutputOfEncrypting(Politics;Economy##randomdata)">

Encrypting Tags

Declaration

The mrf:tags meta can specify encrypted="true":

<meta property="mrf:tags" encrypted="true" content="AiqpEJ+VdfIm9dlXeRND6RD+IdMBF=" >

Example

To encrypt an article with tags:

Non-encrypted:

<meta property="mrf:tags" content="tagGroup1:tag_name;tagGroup2:another_tag_name">

Encrypted:

<meta property="mrf:tags" encrypted="true" content="theOutputOfEncrypting(tagGroup1:tag_name;tagGroup2:another_tag_name##randomdata)">

Combining Encrypted and Non-Encrypted Tags

Tags support a combination of encrypted and non-encrypted meta tags on the same article:

<meta property="mrf:tags" content="publicGroup:public_tag;anotherGroup:visible_tag" />
<meta property="mrf:tags" encrypted="true" content="theOutputOfEncrypting(privateGroup:private_tag##randomdata)" />