Encrypt php and js code and monitor file changes

I want to encrypt my php and js code .
Server: linux
Hosting: shared type.

I can't change server setting as its shared server.

Issue my client always complaints that there is issue in some functionality when checked it came to our notice that file has been updated. We are 100 % sure that one of clients member do such type of changes so as to cancel my deal as it had happened more than 3 times.
So , i want to monitor whether there is any changes in my code and secondly encrypt my php and js code
LVL 15
Who is Participating?

Improve company productivity with a Business Account.Sign Up

Slick812Connect With a Mentor Commented:
As I said before about - "Is there any tool to minimise js", , , I do not use any off line tools for this, or online tools for that, I can say that the Google Code repository has many, many, many code tools, widgets, examples, demo, usage, "How To", and much other Good Stuff for web developers at -
you really should take the time to explore some of the possibilities there to get help in web development and code work! ! !
I believe that this "Closure Compiler" from google does optimization as it minifies js and other (html) code work -

but I can not do a web search for you on this, since I can not know what is "good stuff" and "not so good stuff" as far as "minimise js" and off line tools, , but this can do one js code at a time -
but it is online
Ray PaseurConnect With a Mentor Commented:
Zendguard?  IONCube?  Or just make a Google search for "PHP Obfuscation."  If your PHP scripts generate your JavaScript you can probably accomplish everything with a single encoding tool.  I don't really have an opinion on encryption; I'm sure someone else can answer that.  

It is easy to monitor the directory and detect updates.  You may choose to monitor each script file separately.  The design pattern is described in this article:

Basically, you make an md5() string from the data that is to be monitored.  When the new string changes from the old string, you write a small RSS feed (XML document).  You can have your RSS reader listen to the RSS feed, and it will alert you to any changes.  This does not tell you what changed, but it can give you a very timely alert that something changed!

A strategy to detect what changed would probably require mirroring the scripts and comparing the before-and-after versions.
Ray PaseurCommented:
Sidebar note... I tried this and had no success.  Seemed like a good idea, too bad it did not work.
The 14th Annual Expert Award Winners

The results are in! Meet the top members of our 2017 Expert Awards. Congratulations to all who qualified!

InsoftserviceAuthor Commented:
PHP Obfuscator  i hope all encoding tool has to be first installed on server for decoding it right?
Dave BaldwinConnect With a Mentor Fixer of ProblemsCommented:
Check with your host.  Zendguard and/or IONCube are frequently installed on shared hosting.  You may have to pay for your copy to encrypt your code.
InsoftserviceAuthor Commented:
Inquired they don't have such facility. Is there some other solution for the same
InsoftserviceAuthor Commented:
Any php or tool script to minimize all php and js scripts
Ray PaseurConnect With a Mentor Commented:
Here are some hosts that offer support for IonCube.

That, plus a version-control system should have you covered.
?????, , maybe I look at your stated problem differently? As you say -
    "one of clients member do such type of changes"

I take this as this - "clients member", has full read and write access to the specific PHP file-script on your server? And for this "clients member" to "cancel my deal" they Overwrite your specific PHP file-script on your server?

As To your - "want to monitor whether there is any changes", you might consider a linux CRON, that checks this PHP file every 15 minutes or so with some sort of checksum HASH value. If the file HASH does not match the stored HASH, then rename the file, move the file, or delete the file (or other file disable thing). But this will be some extra work for you!

As to limiting others access to the file, there may be a solution, but since you mention "encrypt", I will talk about that. ALL, and I mean ALL encrypt methods only help, if there is a secrete "Key" value that the encryption and the decryption agents (php scripts in this case) use, , that No One else knows! !  If your threat as this "clients member" can read your PHP file and-or javascript with the "Key" in that file, then encrypt, Will NOT Help.

What I would suggest, is that you have a type of "Log-In" to access this Info (your deal, I guess), where you have to know a secrete "Key" value entered into a <form> input, which is used to decrypt the deal information from an "encrypted file" or other PHP string source. That way only you, or someone that knows the secrete "Key" can get access to the hidden info. You can not have this secrete "Key" on your server in a file!

It may be possible to use a javascript decryption , where you have to enter a secrete "Key" to <input> and then get the info, , But this may be a complex multi-platform (php- javascript) code headache.

You may need to see about your user-member PHP file access, and why a member that is a threat (malicious) has access to your Deal data file?

Ask questions if you need more info, but a simple solution may not be possible? Again someone that is not authorized should NOT have access to your important files! ! !
InsoftserviceAuthor Commented:
Thx for all comments.
I was thinking to decrypt some imp php - javascript code and then minimize all js and php code keeping original copy at my end.
Is there any tool to do so. or php script for the same
Ray PaseurConnect With a Mentor Commented:
Slick812Connect With a Mentor Commented:
I read your last comment where you say -
"I was thinking to decrypt some imp php - javascript code and then minimize all js and php code keeping original copy at my end"

Sorry,  but I can Not really understand your programming "Terms" in that sentence, you say "decrypt some imp php", but I do not see what you mean by "imp php"? - 'imported php' maybe? ?

I think I know what you mean by -
"minimize all js and php code"
   but I can not see how that can help you with your problem, or I do not understand what you mean by "minimize" ? ?

You probably may not make an effective solution, if your "intruder" can read and alter your server "PHP files", That's why I suggested having a way to "restrict access" to your important files, so that your "intruder" can not change your important server "PHP files".

If you can not do that (restrict access), ,  and can not use Zendguard or IONCube, then you may need another way?

if you intend to "decrypt some imp php", you will need to set up your encryption procedures in a way that can exclude your "intruder" from accessing the important deal source.

You ask - "Is there any tool to do so. or php script for the same "
I really can not see what you may need to do from what you have said, much less suggest a tool to do it.

You have mentioned your "javascript" several many times here, so I wonder if your "javascript"  needs to be hidden also for your security issues?
Can you say some about what in your PHP code page, that you need to secure, is it a single string, or maybe a Deal array, or some API send to a vender for an order (deal)?
InsoftserviceAuthor Commented:
"imp php"? - means important php files. i.e files beside standard files of framework.
I can't use ioncube or zendguard as server does not supports it and i can't shift to other hosting server for the same.
I meant by encrypting the code and then minimizing it is because, intruder will not be able to use the code or change it easily.

I want to script or tool which could remove space and minimize php code.
I hope my points are now clear
Slick812Connect With a Mentor Commented:
I have never seen any "tools" or methods or apps that were made to remove line-breaks and extra spaces from a PHP code page, because the PHP code is not down sent to the browser, so that sort of thing would not be any benefit to most PHP coders. However There can be benefit to minimize a javascript File, I have never used any thing for that, I have seen a Jquery addon for that I think? And there are some web pages that do js minimize, but I'd just do a web search for that, so I can not recommend any, sorry.

You have now added a further complication to this (in my opinion) because you now talk about a "framework", which may or may not be something to deal with for the PHP code that may be needed for this. If it is a much used framework, then there might be some "plug-ins" or add-on that can help you with your php file access problems?

I suppose that "encrypting the code" means that you encrypt the entire php code page-file, so if you had the server file,  deals.php  , then you would want that entire file encrypted? But you really never tell us what the processes and working setups you need for the php code, so that some method of php encrypt-decrypt could be used some way. If you have a php code page encrypted as the file deals.hidden, then you will need a separate PHP file, to do the php decryption into a string, and then use that string in your php decryption code page,  OR write that string to a php file and try to use that in the decryption code page.
You may not need any code minimize, if your decryption page does not reveal the secrete Key.
But this is all getting to complicated for me to have any way to start on this, sorry, I may not can help.

You may think about looking to the php framework usage Forum to ask about add-on that might be helpful.
InsoftserviceAuthor Commented:
Thanx @Slick812 .
Is there any tool to minimise js. i don't want to do it online as i have got site which captures one js at a time and i have lot of js files and i dont want to do it one by one.
It would be great if i have some script to do it offline.
InsoftserviceAuthor Commented:
Thanx ton to all
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.