How do you protect (PHP) source code from the web host?

Singleton

10/21/23, 10:00 AM

So, you just created the next killer app, possibly in PHP. You have done everything to keep hackers out. There is no way they can steal the code! Except for someone from the web hosting company, of course!

My question is just that. How can you secure interpreted code from the web host? Is that even possible?

1294

1 + 1

security

php

web-hosting

Lex Li

10/21/23, 3:18 PM

The biggest threats usually are copycats and DDOS, and they don't need to exploit your web server nor source code. Stealing your source code definitely has its harm, but you need to hire a security expert to plan out all details, not asking around like this and receiving shattered tips.

Score:0

Server

diya

10/21/23, 10:35 AM

PHP specific:

There are PHP code encryption and obfuscation tools such as Zend Guard, IonCube , Source Guardian and several others that increase the barrier against others easily copying, re-using and/modifying your PHP code.

But there is no absolute protection to be achieved there.

The generally accepted simplification is:

Whatever safeguards and encryption you built into your software, they will not protect you from a determined adversary that has full control over the hardware where your software is running.

That why you normally also have additional protection and something engineers often overlook:

Code is Intellectual Property and there is a complete legislative industry surrounding protection methods for IP. Think in terms of contracts, copyright, patents etc. etc.

+ 1

Singleton

10/21/23, 11:01 PM

Do any of those tools work with frameworks like Symfony? Even if they can't encrypt/obfuscate the entire application, can they at least do that to the primary controllers/services?

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How do you protect (PHP) source code from the web host?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.