How to protect my source code when deployed?

Question

Is there a way to encrypt or enclose my code on my Linux server after deployment? I know Zend does some kind of encryption, right? Is that what people use? Is this even possible? How do I go about keeping my code secure online?

Answer 1

1. Periodically check the open ports on you server
2. Do not trust the data coming from the browser - verify it and validate it.
3. Periodically do an audit of the processes on your machine and who can access them
4. Only have files in the document root that should be accessible by the outside world. Include files etc should not exist here
5. Check the log files periodically to check for suspect access.
6. For PHP errors/warnings - find a mechanism that does not give the client (browser) any info what has gone wrong. Send that to yourself. This is true for MySql as well.

Answer 2

You are right, you can use Zend Encoder, Ion Cube or something like Source Guardian to encrypt your source code.

Its not really needed unless you are giving away your code and dont want people to steal it though.

What is it about your server that you think its insecure?