3 replies to this topic

[Misanthrope]

Hello everyone.
Would someone be able to tell me the best methods to protect my PHP scripts from being read, copied, stolen, or replicated without my permission.
Without compromising the functionality of the website of course.

Thanks

[Alexander]

PHP files cannot be read by the end user without an apparent vulnerability. The most common ways to break into a script would be XSS, SQL injection or incorrect permissions, such as setting scripts that do not require write access to be above permission 755.

[Misanthrope]

Thank-you very much for your speedy reply Nullw0rm.

So users will never be able to plainly 'read' my php scripts if the permission is set to read? (755)
And I can post my php scripts in my public_html folder with no concerns?

I'm quite new at this so I apologize for the lack of this basic knowledge.

Thanks

[Alexander]

Any PHP file ran by the user will not show its source, for example if you place a PHP file in public_html and they run it, they can only see what is generated (no PHP code at all!)

The permissions thing only helps stop hacks from within your own server, such as if you are on a shared host, it is a good practise.