FAQTs - Knowledge Base - View Entry - How can I protect my source code (writed in PHP)?, Can I encode my code??

faqts : Computers : Programming : Languages : PHP : Database Backed Sites : MySQL : Questions in search of an Answer

+ Search

Entry

How can I protect my source code (writed in PHP)?, Can I encode my code??

Dec 8th, 2001 19:39
Pete Pomuroff, Al Ac, Roberto Valenzuela,

you can use the zend encoder from http://www.zend.com
----------------
This is what the manual says-
Hiding PHP
A few simple techniques can help to hide PHP, possibly slowing down an attacker who is attempting to discover weaknesses in your system. By setting expose_php = off in your php.ini file, you reduce the amount of information available to them.
Another tactic is to configure web servers such as apache to parse different filetypes through PHP, either with an .htaccess directive, or in the apache configuration file itself. You can then use misleading file extensions: Example 4-12. Hiding PHP as another language
# Make PHP code look like other code types
AddType application/x-httpd-php .asp .py .pl
Or obscure it completely: Example 4-13. Using unknown types for PHP extensions
# Make PHP code look like unknown types
AddType application/x-httpd-php .bop .foo .133t
Or hide it as html code, which has a slight performance hit because all html will be parsed through the PHP engine: Example 4-14. Using html types for PHP extensions
# Make all PHP code look like html
AddType application/x-httpd-php .htm .html
For this to work effectively, you must rename your PHP files with the above extensions. While it is a form of security through obscurity, it's a minor preventative measure with few drawbacks.
Go to http://www.php.net and download the manual - very usefull.
If you're using windows, you can get the manual as a windows help file and do all sorts of neat stuff- like search for"protect code"
:)