?
Solved

How to protect PHP source code?

Posted on 2009-05-07
12
Medium Priority
?
477 Views
Last Modified: 2013-12-13
Hi there,

I am developing a web-based software with PHP. Right now, the software will be distributed and be installed in desktop computer. Since it's PHP based, when it's installed, the source code could be seen.
Do you have any idea how to secure or protec the source code, so when the software installed in server they couldn't see the source code? or are there any other ways to prevent this?
I know some good system like soureguardian and ioncube, but I wouldn't get them because their price is too high for me. I would appreciate any input.

Thanks
0
Comment
Question by:Edwat
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 3
  • +1
12 Comments
 
LVL 14

Expert Comment

by:shobinsun
ID: 24324170
Hi,

zend guard and ioncube PHP encoder are the best professional, enterprise class solutions available that have never been successfully reverse engineered ... yet.

http://www.zend.com/products/zend_guard/

http://www.ioncube.com/
0
 
LVL 4

Accepted Solution

by:
Andy1988 earned 1400 total points
ID: 24324181
You can use IonCube to protect/encrypt your PHP source code

http://www.ioncube.com/
0
 
LVL 14

Assisted Solution

by:shobinsun
shobinsun earned 600 total points
ID: 24324185
Hi,

Also

There are a couple of ways to do that.

http://www.topshareware.com/SourceGuardian-PHP-Encoder-download-37083.htm  ( this is a commercial encoder )

 http://www.raizlabs.com/software/phpobfuscator/


Regards
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24324196
I searched in EE, lots found,

http://www.rssoftlab.com/

http://pobs.mywalhalla.net/

http://turck-mmcache.sourceforge.net/index_old.html

You can use any of these...

http://pobs.mywalhalla.net/
Encoder :
http://www.rssoftlab.com/main.php4
Screw:
http://sourceforge.net/projects/php-screw/

http://sourceguardian.com/

is another more proffessional application...

//Jan
http://www.ivtaco.com

You could obfucate your code which will make it harder to break (but not impossible).
Here's an example:
http://www.virtualpromote.com/tools/php-encrypt/


0
 

Author Comment

by:Edwat
ID: 24324275
Guys, thanks for the input.

I mentioned earlier that sourguardian, ioncube and also zend guard fee is too high for me. Need other software that could protect the source code with lower fee..

btw, do they charge for each software license that I will distribute or it is a one time fee for the software to use? thanks
0
 
LVL 36

Expert Comment

by:Loganathan Natarajan
ID: 24324280
I have listed few freewares please try those.
0
 
LVL 4

Expert Comment

by:Andy1988
ID: 24324294
No, just for the software :)
0
 

Author Comment

by:Edwat
ID: 24332984
I just want to be sure..
so basically, ioncube or sourceguardian fee is just one time fee and after I buy their license I could encode and generate license for unlimited php script files?
0
 
LVL 4

Expert Comment

by:Andy1988
ID: 24332991
Yeah, you can. You just need to invest $199 one time.
0
 
LVL 14

Expert Comment

by:shobinsun
ID: 24333002
Hi.

Yes you are right.
0
 

Author Comment

by:Edwat
ID: 24333007
ok great. thanks for your input.
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Many old projects have bad code, but the budget doesn't exist to rewrite the codebase. You can update this code to be safer by introducing contemporary input validation, sanitation, and safer database queries.
Originally, this post was published on Monitis Blog, you can check it here . In business circles, we sometimes hear that today is the “age of the customer.” And so it is. Thanks to the enormous advances over the past few years in consumer techno…
Explain concepts important to validation of email addresses with regular expressions. Applies to most languages/tools that uses regular expressions. Consider email address RFCs: Look at HTML5 form input element (with type=email) regex pattern: T…
The viewer will learn how to count occurrences of each item in an array.
Suggested Courses

765 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question