Protect my code from copy

Hello,

I am about to develop a huge application which I know will be used by a lot of people.

The thing is that I want to protect the PHP code, I do not want it to be read by anyone and I also want to know who has installed my script.

It is going to be free but I still, initially that is to say, want to make sure that the PHP code is protected.

I can use ioncube for this right?

However for the question of knowing who has installed it, what possibilities are there?

Its going to be free so Im not doing this to prevent people from installing, but I still only want people to install if they use a valid key or somethign liek that.

Has anyone done anything like this before?

Whats the best way?

Thanks.

 

hi,

i didnt used ioncube, but i find a free one...check out this

http://www.freedownloadscenter.com/Web_Authoring/Scripting_Tools/PHP_Encoder.html

 

Whats that unique about the php code that you need code protection? I'm curious cuz I don't know successful free php scripts with locked source.
IMHO it's not a model for success in today's world.

 

You need to check your server and people that buying the script. Some servers like host gator do no want this kind of scripts

 

Reselling and third party development.

I dont want anyone else to reuse any part of it, especially since I have plans for it to bring together multiple other sites out there that all perform one function and then bring them all together as one composite. It will definately make it powerful and something I want to protect. Surely you can understand that or is what I am saying strange


As for what the other guy said about HostGator..
I run my own servers I just havent ever tried to protect my code. I have installed zend optimizer and ioncube etc etc, however never used them.

 

The script will be free.

I will run it from my servers where people need (possibly for free providing the use falls under certain criteria) and then if it doesnt then Ill charge for the hosting. Although Im really looking for this to be free.

 

I do not believe that the best way to protect code is to release it as free. A determined coder will unlock your secrets and reuse whatever parts they want in their own projects. As long as they are not sharing with the world, you will never catch them.

Of the two approaches, I would think encoders are going to work significantly better than obfuscators. I have picked apart many obfuscated scripts in perl and PHP looking for clues as to how to hide things in mine, without paying for an obfuscator. There not many coders capable of unlocking an encoded script . . though nothing is impossible.

If it were me, would check out commercial products as well as searching for open source options. You might look at Source Guardian, which sounds like a pretty heavy duty solution, which also contains features that you wanted. PHTML Encoder offers a free and commercial versions.

Less costly and less robust solutions are obfuscators such as Protect Php. There is also PHPCipher, which looks to have a non-commercial product. Ioncube looks like an obfuscator.

 

Ughhh..

I dont know if I am allowed to post to a warez forum so I dont.. but I just googled and found a decryptor for that already. Took me about 2 minutes.


Makes me think that SourceGuardian is hardly that good. Thats annoying!

 

If there are decryptors available for encoders and obfuscators can be deciphered, there is no solution if you want to code in PHP or another scripting language. The only solution is to release a compiled executible -- though this means testing and maintaining versions for all the mainstream versions of Linux, BSD, as well as Windows -- and learning to code in another language. But, you cannot stop people who love reading machine code and hex to figure out how you did something! There is no protection. Just ask Microsoft.

Frankly, if you are so worried about people using your code, then do not consider releasing it. And, do not give it away for free. You do not owe the internet community so much that you need to share your work beyond the magic of any websites you create with the code. And, if people want to use your code, make then pay or make them buy your site(s).

If you think there is a business model for this project, pursue that. If you want to give it away for free, then stop worrying about people using, tweaking, fixing, hacking, extending, scalping it.

There is nothing you can create for computers that someone else cannot decipher and use as they will. All you can do is limit that number by increasing the difficulty.

 

Although obfuscators can be deciphered, that's only for the most determined of people. Encoders are pretty easy to hack though a number of 'mainstream' commercial encoders also do obfuscation.

Me, I use an obfuscator that I wrote. It's free if you want it ( http://www.asistechnologies.com/home/products/yaphpo/yaphpo-information.html ) but like everything, there's pros and cons.

But yeah, I'm 99% sure that at least one of the encoders does obfuscation first.

 

It makes a pretty tough copy :

<?php
$vcfcdb9b4 = "me@some.com %^--";
$v5bfd8fb4=true;
if (Trim($vcfcdb9b4)=="") $v5bfd8fb4=false;
if( $vcfcdb9b4 != fc0ba5ce8($vcfcdb9b4) ) $v5bfd8fb4=false;

function fc0ba5ce8( $v1cb251ec)
{
if(!$v1cb251ec) { return $v1cb251ec; }
$v5f801ba5='-a-zA-Z0-9_.\@';
$v1cb251ec = preg_replace( "/[^$v5f801ba5]/", "_", $v1cb251ec);
echo $v1cb251ec . "\n";
return $v1cb251ec;
}
?>

PHP:

 

Well, technically obfuscation won't stop you being able to *copy* it... it's the editing that it will slow down. If you have a decent routine (eg. callback to site or something) that is obfuscated, it will take a little more time to 'hack' it.

 

zend is one of the tops, but in the end it's not going to be worth it. Ioncube requires you to have additional libraries installed, no host wants to have to do that, especially if it has closed source. As a developer, I refuse to use code that has closed source, and if you want to alter it bad enough, you can.

 

SourceGuardian 7.0 is the latest version. Has it been cracked yet? I'm looking to buy it but don't want to waste my money.

 

Several different methods. Try using the Zend library with PHP for actual encryption, or you can use this smaller, easier method: Go into your code editor, and save a backup of the file. Bring up Find & Replace, and replace all line breaks with a space. Good to go! Same code, just totally compacted. When you look at it, it'll look like some ugly, deformed piece of crap

Nick Berlette

 

weblock pro? that pretty much hides the source code adn blocks everything

 

there are many scripts on the net which blocks a person wid a diff ip to view ur source....search in google...u shud surely get it!!

 

Yes it has.

I found a crack and tested it.

I would have bought it too.

Seems pointless.



When I say Crack, I mean something to decrypt the PHP code, not Crack as in free software.

 

Actually even I'm stuck with the same thing, it would be painful to see my script on warez forums. The problem with Ioncube / Zend is most servers don't have their libs installed afaik. I'm too looking for a solution so that user can only use the script with his domains not with any other. I'll be happy with some tips.

 

i heard some free scripts like wordpress, vbulletin and phpbb do quite well without any "protection".
i know some people who use paid and encoded scripts, was a bad investment because you cant change anything, and some parts of the program are just crap or buggy.