0

So I'm trying to make my own mini CMS, and just for my knowledge once I get it good enough, and I know enough, I'd like to sell it. Now for licensing, I know there's tons of licensing scripts you can pay for, but would the following be advisable?

I'd like to plant a script hidden in my CMS where instead of checking for some sort of key, it checks if your domain is allowed to run the CMS by running it past the main CMS database. Now I have two questions.

1.) Could I encrypt the code, so if I wanted it to redirect to a page where it just says "CMS Deactivated" For example, so that people don't go through the code just ctrl-f searching for the key text?

2.) I was going to reach the domain name by doing the following, $_SERVER['SERVER_NAME']. Is that going to be a reliable way of checking the domain? IE. Will IIS pick up on it?

I'm not trying to completely extinguish cracking of the CMS, I know that is impossible.

SomeKittens
  • 38,868
  • 19
  • 114
  • 143
Necro.
  • 987
  • 6
  • 17
  • 29
  • I really wouldn't worry about this at your level. Write your best, have fun, and don't worry about the money. – SomeKittens Oct 12 '12 at 01:08
  • I agree. I don't plan on making any money off of the ideas I have for at least a couple years. One thing I don't want to be is a cocky. – Necro. Oct 12 '12 at 02:11
  • Thinking big isn't a problem, but also pay attention to reality. Continue to take on projects that you can handle (but involve learning new things) and you'll be on your way to excellence. – SomeKittens Oct 12 '12 at 02:19

2 Answers2

0

Maybe you should consider housing the whole thing on your own servers and making the content accessible via a REST API. You can certainly restrict and control that way.

Providing a CMS with source code to any client opens you to evaluation and cleansing. Not saying there's no way, but I am saying it may be easier for you to provide the content via REST than to write perfect security. Especially if you're asking this question.

Kai Qing
  • 18,793
  • 5
  • 39
  • 57
  • That means a lot of load on your servers and can lead to scaling problems. – SomeKittens Oct 12 '12 at 01:11
  • indeed it does. but is can be managed and cached. Big problem, yes. But not so different a problem as the original. For now, however, scaling can be put off until he knows there is any demand that would necessitate scaling. – Kai Qing Oct 12 '12 at 01:14
  • Absolutely. Just making sure that @necro is aware of the pros/cons. – SomeKittens Oct 12 '12 at 01:15
0

As I said in my comment, I think worring about money is irrelevant for now, but here's some information for you to learn from.

1.) I haven't found an encryption solution that works. Any will require you to install additional PHP components (and no one wants to deal with that when there are plenty of free CMS's out there). There is code obfuscation, but that's iffy at best.

2.) According to this page, that should work on IIS!

Community
  • 1
  • 1
SomeKittens
  • 38,868
  • 19
  • 114
  • 143