Home > Article > Backend Development > How to protect php code
How to protect php code?
How to protect php code security
php_screw
screw plus is an open source php Extension, its function is to encrypt PHP files. There are many PHP encryption services on the Internet, but most of them only provide obfuscation level encryption. If someone gets the encrypted file and asks for it, it can be cracked as long as you have enough patience. The difference is that screw plus uses extensions to encrypt and decrypt, and it is a high-strength AES256 encryption popular in the global financial industry. Unless the server is cracked, the encrypted files obtained by hackers will only be a bunch of garbled characters.
Recommended: "PHP Tutorial"
1. Clone a copy of the code
git clone https://git.oschina.net/splot/php-screw-plus.git
2. Execute the phpize file of php
/usr/local/php/bin/phpize
3. Start configuring and compiling
./configure --with-php-config=/usr/local/php/bin/php-config
4. Before compiling, we can modify the encrypted key. Open php_screw_plus.h and you can see that the beginning is #define CAKEY "..." and change the value inside Change it to a sufficiently complex key, preferably more than 16 bits.
vi php_screw_plus.h
5. The decryption program is compiled
make
Execute the make command. If Build complete is displayed at the end, it means the compilation is successful. The php_screw_plus.so extension file will be found in the modules. Please report an error if Repair according to the prompts, then make clean and recompile.
6. Manually compile the encryption program. Enter the tools directory and execute the make command. If no errors are reported, the extension is completely compiled.
cd tools make
7. Add the extension path to php.ini. You can copy modules/php_screw_plus.so to the php extension directory.
vi /etc/php.ini //安装screw_plus扩展 extension=php_screw_plus.so
8. Restart the php service and check whether the phpinfo extension is enabled
php_screw_plus support enabled
How to use encryption and decryption?
Encryption: In the extended tools directory, execute ./screw [path], [path] can be a single file or a folder, and then encryption can be achieved.
./screw /home/web/ //表示加密web目录的所有php文件
Decryption: Execute ./screw [path] to encrypt, add the -d parameter after it to decrypt
./screw /home/web/ -d //表示解密web目录的所有php文件
The above is the detailed content of How to protect php code. For more information, please follow other related articles on the PHP Chinese website!