Announcement

Collapse
No announcement yet.

Encrypt *.php files?

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Encrypt *.php files?

    Hi!
    I'm looking for a secure platform for my forum.
    I just want to know:
    Is it possible to encrypt to vbulletin php files?
    The idea: the forum must work properly but no one could change important forum files even with access to the root or via r57 etc.
    Changes must be made only by the owner (me) with a encryption password or program

  • #2
    Yes you can encrypt php files look at ioncube or Zend guard it will not be cheap to get the two programs.

    Comment


    • #3
      Anyone who has access to your server could just upload a replacement file.

      Comment


      • #4
        anybody with root access can change anything he wants to change from there the term "root" what you want todo is quite impossible i mean you can encrypt php files (but the vb plugin system will stop working) but anybody with ftp or ssh or sftp etc etc could replace the encrypted files with normal files.When you are dedicated then the datacenter where your server is hosted can access it but most will not without your permission

        Comment


        • #5
          If you want some basic protections you can make a hash of all files if some one alters a file that hash code should alter and you will see it. Only don't save the hash table on the server because then they can edit it.

          Comment


          • #6
            Thanks a lot!

            Will Zend work propertly?

            Any other suggestion to protect the php?

            Comment


            • #7
              Yes you can protect the php files by not putting them online, nothing in this world is 100% secure and it will never be 100% secure. Just use the hash method and run a few days a day a script that makes a hash and email that to you if its not the same as before you know something has happened. Every one that has access to the storage can alter files but it also something that is called trust and paranoid.

              Comment


              • #8
                How could someone alter a encrypted file?

                If he encrypts a vB file with say Zend. How could someone come in and change the file without causing errors? vB would simple not work.

                Though I don't understand why you would want to encrypt vB, that is unless you made modifications you don't want anyone to steal.

                Comment


                • #9
                  Originally posted by FreshFroot_ View Post
                  How could someone alter a encrypted file?

                  If he encrypts a vB file with say Zend. How could someone come in and change the file without causing errors? vB would simple not work.

                  Though I don't understand why you would want to encrypt vB, that is unless you made modifications you don't want anyone to steal.
                  Upload an unencrypted version.

                  Comment


                  • #10
                    Originally posted by Zachery View Post
                    Upload an unencrypted version.
                    Yes, but in order to do that.. someone needs a valid vB file. So unless someone has access to stolen files. They wouldn't be able to upload or replace that file.

                    But I like the hash method, many people use that for checking files.

                    Comment


                    • #11
                      Originally posted by FreshFroot_ View Post
                      Yes, but in order to do that.. someone needs a valid vB file. So unless someone has access to stolen files. They wouldn't be able to upload or replace that file.

                      But I like the hash method, many people use that for checking files.
                      If you upload an unencrypted file that came from a nulled vBulletin it would still work vBulletin was never designed to be encrypted.

                      Comment


                      • #12
                        Originally posted by we_are_borg View Post
                        If you upload an unencrypted file that came from a nulled vBulletin it would still work vBulletin was never designed to be encrypted.
                        I see, but if your smart enough to encrypt, then the person should be smart enough to create a validator. So that way they have a program that can detected if a file was modified. Easily place something in all files so you can figure out if something was changed.

                        Not hard, but it seems like such a long and unnecessary method.

                        I guess maybe the OP is scared someone will use his license # in the file.

                        Comment

                        widgetinstance 262 (Related Topics) skipped due to lack of content & hide_module_if_empty option.
                        Working...
                        X