-1

So, you just created the next killer app, possibly in PHP. You have done everything to keep hackers out. There is no way they can steal the code! Except for someone from the web hosting company, of course!

My question is just that. How can you secure interpreted code from the web host? Is that even possible?

Singleton
  • 1
  • 1
  • The biggest threats usually are copycats and DDOS, and they don't need to exploit your web server nor source code. Stealing your source code definitely has its harm, but you need to hire a security expert to plan out all details, not asking around like this and receiving shattered tips. – Lex Li Oct 21 '22 at 15:18

1 Answers1

0

PHP specific:

There are PHP code encryption and obfuscation tools such as Zend Guard, IonCube , Source Guardian and several others that increase the barrier against others easily copying, re-using and/modifying your PHP code.

But there is no absolute protection to be achieved there.

The generally accepted simplification is:

Whatever safeguards and encryption you built into your software, they will not protect you from a determined adversary that has full control over the hardware where your software is running.

That why you normally also have additional protection and something engineers often overlook:

Code is Intellectual Property and there is a complete legislative industry surrounding protection methods for IP. Think in terms of contracts, copyright, patents etc. etc.

diya
  • 1,771
  • 3
  • 14
  • Do any of those tools work with frameworks like Symfony? Even if they can't encrypt/obfuscate the entire application, can they at least do that to the primary controllers/services? – Singleton Oct 21 '22 at 23:01