Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Ok something simple, I need to protect all the files on my server, what is the best way to do this. we already use HTTPS for any communication on or two the server, but nothing stops someone hacking into the the FTP (ok well there is a LONG LONG LONG password and a firewall) but how do I make sure that no one can download a PHP page and view the source code. unless they have the decypt code.
I looked at this site http://www.rightscripts.com/phpencode/index.php
but personally I would not put personal information about my site into it.
note: I dont mind paying something if its the best practice.
Cheers
Thanks
ionCube is very commonly deployed for this purpose. Please note however that even with a long FTP password, it is still vulnerable to anyone sniffing on the network for it as plain FTP does not provide any encryption at all.
Related
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 5 years ago.
Improve this question
I am looking for a way to host a webpage and a mySQL data base but in internal network, like an intranet for example.
When I was working on the website and the database, I used MAMP to emule a server on my PC but this work only on one PC. I'm looking for a way to share this website on different PC but only on my internal network.
Sorry for bad english. If there's something not understandable, please ask.
If it's a "repost question", please lead me to the answer I'm looking for. If you need more information, be pleased to ask them.
Thanks.
Unless it is very sensitive I would go for an external webhotel like godaddy.com or similar in your country. And add password protection on the site.
If you want to host it you need a computer that is on 24/7 and install your setup there, but then you are required to handle hardware failures, updating the software and so on.
MAMP and others should work. You might be visiting http://localhost:1234/index.php on your machine so on your network on other device, try http://yourmachinename:1234/index.php. As long as the ports are open, this should work.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 9 years ago.
Improve this question
Seomeone placed script in my site that send email, how I cant found this script ?
I use parallels and Linux CentOs.
I'm search keyword in site "mail(", but also cant be that code is like hash
It could be anywhere, and it could be anything. It could even have been deleted.
We did have a situation a while back where a client lost control of their password due to a keylogger and someone was uploading a CGI script to spam emails, running it then deleting it. We only found out via FTP logs what was going on.
Try checking your ftp logs, web server logs and if all that fails and you are sure it is php then try searching for eval( as that is an often used tactic to hide what a script is doing.
More importantly though, my suggestion would be to get someone who is experienced in server management to have a look at your site as a matter of urgency. If they were able to upload a file to your site once, then even if you remove it, it won't stop them doing it again until you find exactly how they were able to do it.
You might also have a look at your scripts. Is there a contact form somewhere on your site? You might have not escaped userinput very well, which gives an attacker the ability to send mails to other recipients.
I had a similar situation in my early days until the host blocked the script and told me to fix it.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
I developed and distributed a trial version of a PHP software I sell.
I used ioncube to encode the PHP source and check the installation date online. It works pretty well but the problem is that most of the users who downloaded the trial don't even install it, probably because they realize they need to edit php.ini and copy the ioncube loader somewhere in their computers.
Almost all the similar questions on stackoverflow advise ioncube, zend or similar solution...could you advise a simpler (from the point of view of the user) solution?
I don't care if it is less secure than ioncube, I'm ok if it works and prevent cracking for most of the user.
Thanks in advance.
PHP is a scripting language, and it can be quite easy to decode (and disable the trial functionality)
What you could try is hosting it on a demo server, granting access to that for a limited time, and then later revoke access when the trial period is over
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Can anyone suggest me some free webservers, where i can upload my site and test it. My current one is giving me and error, that actually should not happen. And maybe it works with another server.
I've found izfree to be pretty good when I've needed quick hosting in a pinch. I wouldn't recommend it for anything in production though as its uptime isn't as good as it could be.
EDIT: Although looking at it, it may not even be maintained anymore. I last used it in 2009...
Simply set up a local server with programs like xampp. You can download it here: http://www.apachefriends.org/en/xampp.html
Much faster, agile and more convenient than testing on actual servers.
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 11 years ago.
Improve this question
Curious on how safe can your PHP source code be from the servers you put them on. Would a hosting company steal or do anything with your code that you would not want them to do?
Could? Yes. Would? Not unless they're owned by the Russian Mafia. Use a reputable hosting provider.
It depends on your hosting company's terms of service, and also the kind of service for which you are paying.
If you're in a shared hosting environment, chances are the hosting company will reserve the right to look at your code, in case it's causing performance issues for other customers.
If you're paying for a dedicated server, your host probably doesn't care what you do on there (unless you get them RBL'ed) and wouldn't even bother taking the time to look at your code.