Best way to protect your PHP software ?

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • qw12er
    Confirmed User
    • Apr 2004
    • 799

    #1

    Best way to protect your PHP software ?

    I'm about to deploy a php software onto a client server. What is my best way to make sure he doesn't alter/read/modify or make a copy of my software ?

    Zend Guard seems the best approach but is it really ? What are my other options ?

    thanks
    I have nothing to advertise ... yet.
  • brassmonkey
    Pay It Forward
    • Sep 2005
    • 77396

    #2
    you cant its all crackable even ion cube
    TRUMP 2026 KEKAW!!! - The Laken Riley Act Is Law!
    DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

    Comment

    • qw12er
      Confirmed User
      • Apr 2004
      • 799

      #3
      Originally posted by brassmonkey
      you cant its all crackable even ion cube
      Everything's crackable ... but what's the best option ?
      the legal dept will ensure strict usage policy and hold businesses accountable for leaks. But we still need some level of technical protection.
      I have nothing to advertise ... yet.

      Comment

      • ottopottomouse
        She is ugly, bad luck.
        • Jan 2010
        • 13177

        #4
        There's a deZender thing floating about that any idiot (no brains needed) could use on it.
        ↑ see post ↑
        13101

        Comment

        • brassmonkey
          Pay It Forward
          • Sep 2005
          • 77396

          #5
          Originally posted by qw12er
          Everything's crackable ... but what's the best option ?
          the legal dept will ensure strict usage policy and hold businesses accountable for leaks. But we still need some level of technical protection.
          php shield then
          TRUMP 2026 KEKAW!!! - The Laken Riley Act Is Law!
          DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

          Comment

          • qw12er
            Confirmed User
            • Apr 2004
            • 799

            #6
            Originally posted by ottopottomouse
            There's a deZender thing floating about that any idiot (no brains needed) could use on it.
            hummm that's not good. Not good at all...
            I have nothing to advertise ... yet.

            Comment

            • qw12er
              Confirmed User
              • Apr 2004
              • 799

              #7
              any other options !?
              I have nothing to advertise ... yet.

              Comment

              • brassmonkey
                Pay It Forward
                • Sep 2005
                • 77396

                #8
                Originally posted by qw12er
                any other options !?
                http://www.phpshield.com/ is one of the two i remember that isnt being cracked i cant think of the other one.
                TRUMP 2026 KEKAW!!! - The Laken Riley Act Is Law!
                DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

                Comment

                • qw12er
                  Confirmed User
                  • Apr 2004
                  • 799

                  #9
                  Originally posted by brassmonkey
                  http://www.phpshield.com/ is one of the two i remember that isnt being cracked i cant think of the other one.
                  According to their website PHPShield is the same as sourceguardian which is cracked by deZender !

                  phpSHIELD is a premier php Encoder product, originally developed in 2003. In 2006 phpSHIELD joined forces with Inovica Ltd, developer of the SourceGuardian PHP Encoder and we integrated our system with theirs. Our two PHP Encoding products are similar, but they target different markets.
                  I have nothing to advertise ... yet.

                  Comment

                  • Brujah
                    Beer Money Baron
                    • Jan 2001
                    • 22157

                    #10
                    Why do you want to keep him from reading it or modifying it? Don't encode your software!

                    Comment

                    • qw12er
                      Confirmed User
                      • Apr 2004
                      • 799

                      #11
                      because I need to put the files on their server ...
                      I have nothing to advertise ... yet.

                      Comment

                      • Broda
                        Confirmed User
                        • Feb 2003
                        • 1874

                        #12
                        Chances are that he really has no interest in cracking it.
                        If he does, he'll find a way around it, no matter how you encode it.
                        So to make it ever more difficult for him, why don't you obfuscate the h*ll out of it? And apply plenty of evals where possible, as well. That would at least give you the satisfaction of knowing that it'll be a pain in the *ss for whomever's going to crack it.

                        A word of advice on that: remember to keep an unobfuscated copy for yourself ;) hehe
                        CheapAssDesigns.com - when you need quality designs at affordable prices.
                        icq: 230-729-205
                        info |at| cheap ass designs dot com

                        Comment

                        • brassmonkey
                          Pay It Forward
                          • Sep 2005
                          • 77396

                          #13
                          Originally posted by qw12er
                          According to their website PHPShield is the same as sourceguardian which is cracked by deZender !
                          contact me at scriptdude333 -at- yahoo and ill give u the details
                          TRUMP 2026 KEKAW!!! - The Laken Riley Act Is Law!
                          DACA ENDED - SUPPORT AZ HCR 2060 52R - email: brassballz-at-techie.com

                          Comment

                          • myneid
                            Confirmed User
                            • Jan 2003
                            • 736

                            #14
                            Originally posted by Brujah
                            Why do you want to keep him from reading it or modifying it? Don't encode your software!
                            i agree, the best way to protect your software is a shift of your thinking about it.

                            why not let them read and modify, probalby not going to harm you that much, if anything they will see how good of a coder you are hire you more.

                            i've always been against software encoding. if you are worried about them copying it, attatch a license in there and put it public on a website or something.
                            Tanguy 0x7a69 inc. Programmer/President/CEO
                            http://www.0x7a69.com
                            A Leader in Programming since 1996
                            PHP, Ruby on Rails, MySQL, PCI DSS, and any Technical Consulting

                            Comment

                            • qw12er
                              Confirmed User
                              • Apr 2004
                              • 799

                              #15
                              Originally posted by myneid

                              i've always been against software encoding. if you are worried about them copying it, attatch a license in there and put it public on a website or something.
                              if they have the code ... won't they just have to disable liscence validation !?
                              I have nothing to advertise ... yet.

                              Comment

                              • u-Bob
                                there's no $$$ in porn
                                • Jul 2005
                                • 33063

                                #16
                                <--- never buys encoded scripts.

                                Comment

                                • myneid
                                  Confirmed User
                                  • Jan 2003
                                  • 736

                                  #17
                                  Originally posted by qw12er
                                  if they have the code ... won't they just have to disable liscence validation !?
                                  its not about disabling anything, its about having it there.
                                  or just encode the license part of it. use ioncube
                                  personally i dont sell software, so maybe i have a skewed view, but hte only way you can protect your source is by selling it as a servivce and hosting it yourself.

                                  when i come across small softwares that are encoded, my initial reaction is always that its encoded so that people cannot see how poorly it is coded and all the security holes.
                                  of course thats not true in most cases, but a lot of people get that feeling.

                                  i prefer to be open about everything.
                                  Tanguy 0x7a69 inc. Programmer/President/CEO
                                  http://www.0x7a69.com
                                  A Leader in Programming since 1996
                                  PHP, Ruby on Rails, MySQL, PCI DSS, and any Technical Consulting

                                  Comment

                                  • czarina
                                    Webmaster Extraordinaire
                                    • Jul 2002
                                    • 10752

                                    #18
                                    use flash

                                    Comment

                                    • Broda
                                      Confirmed User
                                      • Feb 2003
                                      • 1874

                                      #19
                                      Originally posted by czarina
                                      use flash
                                      What difference would that make?
                                      CheapAssDesigns.com - when you need quality designs at affordable prices.
                                      icq: 230-729-205
                                      info |at| cheap ass designs dot com

                                      Comment

                                      • BestXXXPorn
                                        Confirmed User
                                        • Jun 2009
                                        • 2277

                                        #20
                                        Originally posted by myneid
                                        its not about disabling anything, its about having it there.
                                        or just encode the license part of it. use ioncube
                                        personally i dont sell software, so maybe i have a skewed view, but hte only way you can protect your source is by selling it as a servivce and hosting it yourself.

                                        when i come across small softwares that are encoded, my initial reaction is always that its encoded so that people cannot see how poorly it is coded and all the security holes.
                                        of course thats not true in most cases, but a lot of people get that feeling.

                                        i prefer to be open about everything.
                                        What he said

                                        Except I would argue that software being fucking nasty, full of security holes, and full of bugs is probably true for about 95% of what's out there...

                                        I would never buy a web "application" that was closed source... ever...

                                        And what do you care if they modify it? That just means you no longer have to support it...

                                        I can understand wanting to prevent it from being copied... but honestly... the only real way is to host it yourself and sell it as a service; or charge monthly for support or something. That model works for MySQL, various Linux distros, and everyone else open source; I think it should be able to work for your app.
                                        ICQ: 258-202-811 | Email: eric{at}bestxxxporn.com

                                        Comment

                                        • u-Bob
                                          there's no $$$ in porn
                                          • Jul 2005
                                          • 33063

                                          #21
                                          Originally posted by myneid
                                          when i come across small softwares that are encoded, my initial reaction is always that its encoded so that people cannot see how poorly it is coded and all the security holes.
                                          of course thats not true in most cases, but a lot of people get that feeling.
                                          same here.

                                          Comment

                                          • GrouchyAdmin
                                            Now choke yourself!
                                            • Apr 2006
                                            • 12085

                                            #22
                                            As mentioned several times, ZendGuard is a dumb idea. It won't even work with PHP>5.2, and it's very hackish, and easy to decrypt. ionCube takes a bit more work, but if you're trying to keep it your own intellectual property, your best bet, as mentioned, is to encode the licensing bit, and ensure it uses an external call to your own servers every so often for an update.

                                            Sure, if it's as simple as a 'return true/false', it's not gonna be hard to mess with, but if you make it a bit more inline for functionality, it'll likely be worth their time to just buy it rather than steal it.

                                            Comment

                                            • Varius
                                              Confirmed User
                                              • Jun 2004
                                              • 6890

                                              #23
                                              Agree with others above; if you want to secure it, offer it as a service from your own servers or through an API.

                                              If you want people to install it on their side, don't encrypt it - it's not worth the hassle.

                                              Will some people spread your software around for free or run it across multiple sites, losing you potential revenue? Of course. Will you still be able to make a profit on a solid product? You sure can.
                                              Skype variuscr - Email varius AT gmail

                                              Comment

                                              • Zyber
                                                Confirmed User
                                                • Aug 2001
                                                • 832

                                                #24
                                                Originally posted by myneid
                                                the only way you can protect your source is by selling it as a servivce and hosting it yourself.
                                                We have a winner!

                                                Comment

                                                • HomerSimpson
                                                  Too lazy to set a custom title
                                                  • Sep 2005
                                                  • 13826

                                                  #25
                                                  Zend or Ioncube
                                                  Make a bank with Chaturbate - the best selling webcam program
                                                  Ads that can't be block with AdBlockers !!! /// Best paying popup program (Bitcoin payouts) !!!

                                                  PHP, MySql, Smarty, CodeIgniter, Laravel, WordPress, NATS... fixing stuff, server migrations & optimizations... My ICQ: 27429884 | Email:

                                                  Comment

                                                  • qw12er
                                                    Confirmed User
                                                    • Apr 2004
                                                    • 799

                                                    #26
                                                    Originally posted by Zyber
                                                    We have a winner!
                                                    no we don't ... my clients are banks and mainstream corp. that won't let their data pass through an other server than the one they give me access.

                                                    It's a 200k $ software that deal with test (which is oftenly confidential) data.
                                                    (It's more than 80 000 lines of code)

                                                    I need something really strong and professional ...
                                                    I have nothing to advertise ... yet.

                                                    Comment

                                                    • raven1083
                                                      Confirmed User
                                                      • Jul 2007
                                                      • 7687

                                                      #27
                                                      ask those who are knowledgeable 'bout it
                                                      Femdom Stories | Bound BBW Blog and Videos |Bondage Sex Videos and Pictures

                                                      Hardcore Japanese Bondage | BDSM Movies And Galleries Mistress Cuckold CBT

                                                      Comment

                                                      • lagcam
                                                        Confirmed User
                                                        • Jul 2007
                                                        • 2890

                                                        #28
                                                        Originally posted by qw12er
                                                        no we don't ... my clients are banks and mainstream corp. that won't let their data pass through an other server than the one they give me access.

                                                        It's a 200k $ software that deal with test (which is oftenly confidential) data.
                                                        (It's more than 80 000 lines of code)

                                                        I need something really strong and professional ...
                                                        You are worried that people paying $200k for your software are going to hack it, copy it or resell it?

                                                        I think you need to step out from that dark programming room, breathe some air and study the basic principles of business for a while.
                                                        Working Cam site for sale - NOT affiliate.

                                                        Comment

                                                        Working...