2

I'm working with Symfony2.3.4 and PHP 5.6.3.

I'm going to deploy a project I just finished and I need to do it "by hand", it means copying the project source code manually onto the production server in a company because I can't use any tool for it or anything of the like.

I've never done this before and for what I've googled so far it's hell. But what worries me the most is the matter of protecting my code once it's in the server, i.e.: no one sniffing around, editing, copying, plagiarizing it, etc.

I don't know if I'm making any sense or if this is an obvious question, I really really have zero experience deploying web apps so be gentle.

Ruben Bartelink
  • 59,778
  • 26
  • 187
  • 249
Scaramouche
  • 3,188
  • 2
  • 20
  • 46
  • 1
    When you request a PHP page from a browser, the client(web browser) isn't sent any of the PHP code. So unless your server is insecure(which is really a separate issue in itself), you shouldn't really have to worry about people having access to your code. – JPeroutek Jul 17 '15 at 15:40
  • Could you provide me with a, say, tutorial on how to make my server secure?, and back to my question, I didn't mean someone hacking it through the web, I meant more for example the server administrator of that company or any other that has access to the server, I'm gonna have to copy all my source code in the server somewhere, will they not be able to see that code and do what ever they want with it, I'm sure **now** you'll understand the _zero experience_ part – Scaramouche Jul 17 '15 at 16:10
  • @J.M.Echevarría sorry if I sound rude, but if your level of experience is so low, you really should not be in charge of doing it. No single answer on SO or tutorial will spare you the amount of troubles you're calling upon yourself. – Francesco Abeni Jul 17 '15 at 17:02

2 Answers2

1

Anyone who has administrative access to the server can read and copy your code, including of course the server administrators (i.e. the hosting provider staff).

Of course any hosting provider in the world can do that and AFAIK it's never been a problem, because they usually are professional and don't do it.

The only solution I can think of is to setup a VPS where you have the only SSH access, but of course that means you have to setup the whole web server yourself... and that's even more complicated than simply deploying your code.

Francesco Abeni
  • 4,190
  • 1
  • 19
  • 30
  • Well ain't that utopian, I REALLY REALLY wish it'd be that way, but it's like putting a sweet in front of a 5-year-old and hope they won't devour it ASA u take ur eyes from them. It's not like there is anything awesome about my project or anything, it's actually relatively simple(I'm the only one working on it so I _am_ in charge of doing anything related to it) and that's why I need to learn these stuff for if/when I get my hands on something a little bit bigger, but if you say there is no solution then I'll keep looking, TAW – Scaramouche Jul 17 '15 at 17:13
  • @J.M.Echevarría If you don't own the server - you can't hide anything from the sysadmin that does. – sjagr Jul 17 '15 at 17:16
  • @J.M.Echevarría that's fine by me. There are lots of solutions, but all of them require a decent amount of knowledge, so take into account that it will take you some time to get there. Questions on SO are usually about more narrow topics. – Francesco Abeni Jul 17 '15 at 17:50
0

To answer your question, and if you really (really!) want that, you can checkout this SO question: Is there a code obfuscator for PHP?

But you shouldn't do that! As said, don't be scared by hosting providers, or setup your own server. :)

Yassine Guedidi
  • 1,695
  • 11
  • 12