Web Hosting Talk







View Full Version : Php Encryption/ Encoding


Tlc
04-22-2006, 07:11 AM
I am looking for recommendations with regard to this. I was thinking of IonCube, but due to the single-machine licence (I alone use 3 terminals: 1 office, 1 notebook and 1 in the home office) this makes it quite cost-ineffective.

Basically I want them encoded/encrypted so no one can read them or understand the source. They must be proven methods; I will probably be using PHPaudit with it so I can issue licensing correctly!

Thanks

Dark Light
04-22-2006, 09:12 AM
IonCube does allow you to encode your files by uploading them to their online encoder, and paying a small fee. You can also do "Test" encoding, where the encoded files expire after 8 hours.

Not too sure about the licensing issues, but you may be able to install it on one machine, and use that machine via remote control to encode your files.

Tyler
04-22-2006, 10:20 AM
I purchased ionCube about a month ago, and that was the best decision I have ever made. Their support is great, hands down, and their product is superior to their competitors'. I talked to a few people who offered both Zend and ionCube, and they said if anything has been "nulled" it was almost always the Zend version and not ionCube.

They restrict your license to your MAC address, so it's almost impossible to try and break it. And I wouldn't advise you to either :)

Dark Light
04-22-2006, 10:25 AM
What I was meaning was that in theory it's possible to do automatic encoding through an API if someone was to buy your software, using the machine as a "server", if it were. Then, once the encoding is done, it is possible to offer the encoded product, say with a unique customer key in the comment/message field, for the customer to download. :)

RH Swaroop
04-22-2006, 11:17 AM
> What I was meaning was that in theory it's possible to do automatic encoding through an API if someone was to buy your software, using the machine as a "server", if it were. Then, once the encoding is done, it is possible to offer the encoded product, say with a unique customer key in the comment/message field, for the customer to download. :)

Certainly. Like in Linux, you can just use simple PHP-based shell commands to generate the license and encode on the fly. I have never used ionCube commercially but I have tested it and it works great.

shockuk
04-22-2006, 01:47 PM
Has anyone tried Turck MMCache?

How does it compare against IonCube?

Tlc
04-22-2006, 03:08 PM
Well, I hit a few snags with our tutorial lease system: not only was it insecure, I had within 4 hours ripped it to bits, thus getting the protected data.

I am therefore about to order a rebuild, but I want to basically use IonCube encryption and PHPAudit software.

This should allow me to licence the leased product as well as protect the PHP source files for the clients to upload to get the remote files.

I would need it to check every time the file is run remotely with 1 of the 4 authorising servers; I believe PHPAudit can do this.

And with the encryption this should help.

Thanks
Nathan

Tyler
04-22-2006, 09:30 PM
PADL (http://www.hotscripts.com/Detailed/48224.html) is a nice piece of work in itself, and completely free for the "licensing" aspect of things. :)

Darkneoboi
04-28-2006, 09:54 PM
What is a good free alternative to ionCube?

axx2k
04-29-2006, 04:52 AM
> What is a good free alternative to ionCube?

There isn't one. Perhaps a good alternative, perhaps a free alternative... but there is no good AND free alternative to IonCube. Besides, it's worth the money.

:cool:

phpa
04-29-2006, 09:19 AM
Speaking as impartially as we can, axx2k is correct. Most particularly with the emergence of decompilers for PHP, if you want the best security (frankly any security at all), you must not only go for a compiled code solution, but one with a closed source executor. Currently that rules out not only any free ones, but also all but one other commercial one (Zend). ionCube and Zend have historically always employed closed source executors, and since January for ionCube, and rather more recently for Zend, these have been exploited further to give increased security against decompilation.

You can protect code for as little as under $200, and particularly if securing code in order to protect a revenue stream, the cost for both protecting IP and competitive edge, as well as making product evaluations feasible, is nominal. It's also no stretch to say that if protecting evaluations, when considering the bottom line the product cost will prove to be negative because sales are almost guaranteed to increase as a result of protecting the evaluation copies. Our testimonial from x-cart about a 500% increase in sales after purchasing the Encoder always sticks in our mind because it makes this point so very well.

Another point to consider is that these solutions have for a long time been established as the recognised industry standards for PHP code protection, and whilst many hosts choose not to install Zend Optimiser or other extensions as standard, and the ionCube Loader cannot always be installed dynamically from user space, they are trusted solutions and most hosts will have no problem providing support for their customers if asked. If, on the other hand, you provide your code and an unknown extension that you have compiled, any responsible host will not touch that with a proverbial barge pole as they have no knowledge of what is in the extension. Furthermore, you are faced with the very issue of building the extension in the first place. Providing your product and C source code that must be built by the end user is a non-starter, and you may not have access to the half a dozen or so target platforms that are commonly in use by web hosts in order to build the decoder components anyway; e.g. x86 Linux, x86-64 Linux, Windows, FreeBSD x86, FreeBSD x86-64, OS X ppc, OS X x86, and so on.

Whilst spending any money for software can at times be a wrench, a proven solution plus the guarantee of product support, wide target platform coverage, industry wide acceptance and numerous other benefits, and with no need to pfaff around oneself with trying to build a solution, is generally well worth the price, particularly when it starts at under $200!

XLinux
04-29-2006, 03:04 PM
PHPAccelerator is a free PHP encoder/accelerator. If you're looking for industrial strength encryption, I would highly suggest Zend though.

It's been proven impossible to decrypt the WHOLE code, to its original format... And it would take a skilled guru to even decrypt a bit of the code.

Olate
04-29-2006, 04:01 PM
> It's been proven impossible to decrypt the WHOLE code, to its original format... And it would take a skilled guru to even decrypt a bit of the code.

Although your statement "original format" is correct, it was possible to decode the whole Zend encoded source with the previous version by paying a small amount to one of the many decoder services available. I tested this myself. Now they have a new release and I can't say how secure that is since I've not tested it. On another note, the performance of encoded scripts is faster if they're ionCube encoded than if they're Zend encoded. Another reason why ionCube is superior.

phpa
04-30-2006, 06:28 AM
> PHPAccelerator is a free PHP encoder/accelerator. If you're looking for industrial strength encryption, I would highly suggest Zend though.

We must be careful here to be precise. PHP Accelerator is really a generic term, where the goal is to achieve a speedup through compiled code caching. It is not about encoding, and encoding/encryption and acceleration are not good bedfellows.

The free product called PHP Accelerator, or PHPA, was the original and first accelerator to match or exceed the performance of Zend Cache (as it was known around 2000/2001 and until Zend renamed it Zend Accelerator just after PHPA was launched). This only performs acceleration, and does not handle encoding. This, incidentally, is being replaced soon by the ionCube Performance System (IPS), offering better performance and many new features. Again, this does not handle encoding, but will accelerate both regular and encoded files.

EAccelerator, the resurrection of mmcache, offers both acceleration and an encoding feature, and is open source and free. There is effectively now no security with EA due to the opcodes being trivial to access, and therefore decompile if in possession of a decompiler. There was never any way to lock files to machines or have file expiry with that solution (if unsure why, it's open source, remember!), but it's not a bad tool to play with for locking files on your own website.

On the encoding front, both ionCube and Zend offer exactly the same "industrial strength" encoding, with the key being compiled code and closed source executor. As well as price, there are some clear technical advantages of one product over the other (and some less clear until you're already using a solution, such as why ASCII encoding on the file format is really important instead of binary), but the best thing as always is to do due diligence. Try the evals, check out the support forums and ask for help in the helpdesks if you need it on the eval (it can be good to see how a company responds to support requests, as many companies look equal until something goes wrong and you need help), check the licensing terms and annual fee structure, and then make a decision. As tickedon said, going for both can make it easier for customers if they happen to be set up already for one solution and not the other, and may in itself be a selling point for one's company over the competition that can then be advertised.