Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Possible to view PHP code of a website?

Tags:

html

linux

security

php

People also ask

Can you view PHP code from a website?

Web developers and others who are knowledgeable about web pages know you can use a browser to view the HTML source code of a website. However, if the website contains PHP code, that code is not visible, because all the PHP code is executed on the server before the website is sent to a browser.

Can anyone see my PHP code?

With a correctly configured web server, the PHP code isn't visible to your website visitors. For the PHP code to be accessible by people who visit your website, the server would have to be configured to display it as text instead of processing it as PHP code.

Can you view the code of a website?

To view only the source code, press Ctrl + U on your computer's keyboard. Right-click a blank part of the web page and select View source from the pop-up menu that appears.

Can hackers see my PHP code?

So anyone who gets access to your server (via FTP, your web hosting control panel, a vulnerability in the PHP code you write) has potential to read through your PHP. The only reason usual users don't see the PHP is because Apache goes: Ah!

A bug or security vulnerability in the server (either Apache or the PHP engine), or your own PHP code, might allow an attacker to obtain access to your code.

For instance if you have a PHP script to allow people to download files, and an attacker can trick this script into download some of your PHP files, then your code can be leaked.

Since it's impossible to eliminate all bugs from the software you're using, if someone really wants to steal your code, and they have enough resources, there's a reasonable chance they'll be able to.

However, as long as you keep your server up-to-date, someone with casual interest is not able to see the PHP source unless there are some obvious security vulnerabilities in your code.

Read the Security section of the PHP manual as a starting point to keeping your code safe.


By using exploits or on badly configured servers it could be possible to download your PHP source. You could however either obfuscate and/or encrypt your code (using Zend Guard, Ioncube or a similar app) if you want to make sure your source will not be readable (to be accurate, obfuscation by itself could be reversed given enough time/resources, but I haven't found an IonCube or Zend Guard decryptor yet...).

Related questions

OctoberCMS Ajax Sort in the frontend
WordPress rest API OAuth curl commands
Lazy Loading with Doctrine2 and Symfony2 using DQL
How To integrate Aadhaar Card Authentication Api for Aadhaar number Verification in PHP?
How to properly handle session and access token with Facebook PHP SDK 3.0?
Cancel in-flight AJAX requests using Jquery .ajax? [duplicate]
Connect PHP to IBM i (AS/400)
What is the right way to handle $_POST data in MVC?
Node.js, PHP, Javascript Confusion [duplicate]
How to install extension for php via docker-php-ext-install?
Is there a well-established naming convention for PHP namespaces?
Is there open-source code for making 'link preview' text and icons, like in facebook? [closed]
PHP PDO prepared statements
Very large uploads with PHP
How exactly is a PHP script executed?
Manually parse raw multipart/form-data data with PHP
Sort algorithm: Magento checkout totals sorted wrongly causing wrong shipping tax calculation
Best practices: Use of @throws in php-doc, and how it could be handle
How to evaluate formula passed as string in PHP?
Where do I start with Zend Framework? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!