[thelist] Protect PHP Application

Jeremy Weiss eccentric.one at gmail.com
Tue Jun 10 21:13:29 CDT 2008

Assuming you're app is coded in PHP, I'd recommend Zend Optimizer. Just
encrypt the code with your ip check function in it.

If it were me, I'd go with the option of sending the new guy an email
politely explaining that you don't provide training, just support and that
he should look elsewhere for help learning... maybe even throw him a link to
a for dummies book at amazon. But that's just me, because I enjoy messing
with folks. :)


On Tue, Jun 10, 2008 at 10:47 AM, Mark MacInnes <mark.macinnes at gmail.com>

> Hello,
> Recently, one of my clients has employed an in-house web developer. Whilst
> I
> am (relatively) happy to deal with this guy, he has been asking a huge
> number of questions about how the site operates as well as questioning my
> abilities (which blatantly being very inexperience himself). I amalso
> concerned with this individual taking my application and selling it off as
> his own work.
> So I have two main issues. How would you/your company deal with this
> situation? Would you answer every question in detail, thus effectively
> training up this guy and giving work away that strictly should be ours? Or
> would you politely state that it is not in your interests to train this
> individual and that whilst you offer support to the client in terms of
> running the site and any bugs that appear, you do not in terms of how it is
> coded?
> Secondly, how would you protect your application? Obviously copyright
> grants
> me protection, but this is only effective when you know the product has
> been
> stolen. I have come up with having a small function that checks the server
> ip and e-mails back if it does not match authorised IPs, however this could
> be easily disabled if removed. I also have come up with moving some core
> files to another location on the server (the client is hosted on my own
> server) and not giving the developer access to these files, thus if the
> application is stolen the developer wouldn't be able to run the application
> without lots of effort, however this still means that he would have access
> to a lot of code. I realise there is only so much that can be done to
> protect my work in this environment, however I want to employ at least a
> few
> tactics.
> Cheers,
> Mark
> --
> * * Please support the community that supports you.  * *
> http://evolt.org/help_support_evolt/
> For unsubscribe and other options, including the Tip Harvester
> and archives of thelist go to: http://lists.evolt.org
> Workers of the Web, evolt !

Internet Consultant | Blue Phoenix Consulting, LLC
Online Lead Generation & Internet Consulting

More information about the thelist mailing list