www.webdeveloper.com
Results 1 to 10 of 10

Thread: Protect Source Code

  1. #1
    Join Date
    Mar 2009
    Posts
    452

    Protect Source Code

    hi all, What is the best, optimized and free way to protect my source code (i mean encrypt in a way hard to decrypt for humans)?

    actually I want to protect my website and CMS, as php files are just simple text files. anyone who knows a little bit of php can modify in an illegal way.

    I have also learned about Zend Guard, IonCube etc... I dont want a paid solution, or a ready made solution. any idea ?

  2. #2
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,312
    The only free (or at least cheap) ones I've seen generally all do the same thing: recursive eval()/base64_decode() calls. Any of these can be decrypted by any reasonably skilled PHP coder with a bit of patience -- it will only stop the casual user (or impatient skilled user, who will likely not want to use such obfuscated code in the first place).
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  3. #3
    Join Date
    Mar 2009
    Posts
    452
    yeah i too have done this kind of decryption of some shells that were placed on my server by a hacking attack. is there some way to convert the source code into binary or similar and run without any problem. Like in ASP.NET (I think its possible in ASP.NET as I don't know much about it)

  4. #4
    Join Date
    Dec 2010
    Posts
    59
    Use HipHop to compile the PHP.

  5. #5
    Join Date
    Mar 2009
    Posts
    452
    Quote Originally Posted by ralphchadkirk View Post
    Use HipHop to compile the PHP.
    that's not what i need.

  6. #6
    Join Date
    Aug 2004
    Location
    Ankh-Morpork
    Posts
    19,312
    You might be able to use the bytecode extension, but I've never used it, and you now know at least as much about it as I do.
    "Please give us a simple answer, so that we don't have to think, because if we think, we might find answers that don't fit the way we want the world to be."
    ~ Terry Pratchett in Nation

    eBookworm.us

  7. #7
    Join Date
    Jul 2010
    Location
    /ramdisk/
    Posts
    865
    You might be able to use the bytecode extension, but I've never used it, and you now know at least as much about it as I do.
    Excellent suggestion NogDog.

    Having your programs as byte code makes them incredibly portable. If you do not know anything about how Java works then you'll be in for a surprise, even if you already know a fair deal about OOP in PHP.

    If you have not used Java then be very cautious using this extension. It comes from a different world not the least bit like PHP.

    If you don't like the JVM you can compile your PHP with Hip Hop (from what I have heard).
    I use (, ; : -) as I please- instead of learning the English language specification: I decided to learn Scheme and Java;

  8. #8
    Join Date
    May 2011
    Posts
    101
    Protect against *casual* reading of your code by the .htaccess
    file in the directory from which your PHP is called, and also give
    this directory drwxr-xr-x permissions.
    -
    Always place 'Options -Indexes' in the .htaccess file and always
    have a file called 'index.html' or 'index.php' in the directory.
    -
    Determined hacking (usually by brute force FTP) will always result
    in some clown f**king up your site. It has happened to me on a few
    occasions. Even if you run compiled programs on the server, *someone*
    will get in, someday, and replace your code with malicious crap of
    their own.
    -
    Vigilance, and frequent changes of FTP passwords on your host, do
    their bit to help. Otherwise, the first you may hear of it is a dreaded
    Google "this site may harm your computer" flag ! ! [At least, this shows
    your SEO is effective :-) ]

    Chris
    Last edited by chriseccles; 06-12-2011 at 02:27 AM. Reason: afterthought

  9. #9
    Join Date
    Mar 2009
    Posts
    452
    yes you said right but i just want to protect my source code from reuse/modification without my by someone else (who is not the part of my team, I mean).

  10. #10
    Join Date
    Mar 2009
    Posts
    452
    I tried "PHP Obfuscator" it does work a bit, and can be helpfull... But it also modifies HTML tags that makes the structure messy or makes the document invalid (valid XHTML)

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles