How to Protect My Source Code When Deployed

How to protect my source code when deployed?

You are right, you can use Zend Encoder, Ion Cube or something like Source Guardian to encrypt your source code.

Its not really needed unless you are giving away your code and dont want people to steal it though.

What is it about your server that you think its insecure?

How can I protect my source code when deploying on different computers

@Bardware is correct: the target machine needs to have the same major version of Java as that which you compiled the code with, and probably for good measure the minor version should be the same or greater.

You can - of course - confront this from the other direction: find out what version of Java they have running, and compile to that version. However they will still need to be running at least the minimum Java version that is supported for the intended version of ColdFusion.

Also it's vital to note @Bardware's comment against the question itself:

cfcompile.bat calls findjava.bat. There a variable JAVACMD is set.
Coldfusion prefers the JAVA that resides within the CF installation
folder. That is an issue, since CF came with JAVA 7 but might be set
to run with JAVA 8 in the jvm.config. You might resolve the variables
from the command afterdeploycompdir and compile without using the bat
file.

How to protect the source code of Flutter Web deployed to Firebase Hosting?

If you look at the source file you will see that it is compiled/minified.

// snippet
var r
var q=d
try{if(a[b]===s){r=a[b]=q
r=a[b]=d()}else r=a[b]}finally{if(r===q)a[b]=null
a[c]=function(){return this[b]}}return r}}function lazy(a,b,c,d){var s=a
a[b]=s

What you are seeing are the sourcemaps which show a developer friendly view of the compiled/minified code. I don't see any options for turning sourcemaps off.

Something to keep in mind is that you are shipping a client side app. Once code is on other computers there is not much you can do to prevent them from reverse engineering it.

How to deploy a web app with encrypted source code?

This is not possible to the degree that you want.

But what you are looking for is an obfuscator -

Look at this question - and then have a look at this tool

How to secure my oracle apex source code deployed user's machine

You can't. Even if you use the DBMS_DDL.WRAP feature to obfuscate the code, it is easily reversed. At best, obfuscation makes it harder to see your code, but not impossible. Configuration items stored in APEX back-end tables will always be visible, too.

If this is a commercial product, make sure your license is very clear about acceptable use and/or reverse engineering. You can also check out products like PFCL Obfuscate (http://www.petefinnigan.com/weblog/archives/00001385.htm) which can give you the ability to automatically obfuscate your APEX app (still reversable!) and enforce license keys.

How do I protect Python code from being read by users?

Python, being a byte-code-compiled interpreted language, is very difficult to lock down. Even if you use a exe-packager like py2exe, the layout of the executable is well-known, and the Python byte-codes are well understood.

Usually in cases like this, you have to make a tradeoff. How important is it really to protect the code? Are there real secrets in there (such as a key for symmetric encryption of bank transfers), or are you just being paranoid? Choose the language that lets you develop the best product quickest, and be realistic about how valuable your novel ideas are.

If you decide you really need to enforce the license check securely, write it as a small C extension so that the license check code can be extra-hard (but not impossible!) to reverse engineer, and leave the bulk of your code in Python.

---

Related Topics