I dont know what to say. About 3 days ago I released a script to the public. Today I realised, after searching on google that someone had already nulled (removed my protection) and pirated the script.
Any code that is released public has a chance of being hacked. This is the number one reason why Javascript is not secure. No matter how much you will obfuscate it, compress it or translate it to some random japanese dialect, it is still source code that the user has access to. Hence it should not contain any sensible information such as passwords or such. All sensible data should be stored in the server side where it is kept hidden from the user.
Php script nulled
If you are releasing a php framework containing both the server and client code; then you have no way of fully protecting yourself. PHP is, like Javascript, an interpreted language. You may translate it, compress it, or obfuscate it as much as you want, (and it's probably the best thing you can do) you will never fully protect it when released to the public.
Also keep in mind that DRM and other solutions are often controversial, and will reduce your sales (especially among early-adopters). On a personal level, I would suggest viewing this as a compliment. After all, your script was useful enough that someone bothered to pirate it within a week!
PHP is easily decoded, so for people who really want to know, it's easy to find out the source code. However, there are certain obfuscator programs such as this one that'll make your PHP script almost unreadable for those trying to decode it.
Try ionCube or Zend Guard. They are both commercial offerings, but you say that you are selling your software so it might be worth it. Although nothing is foolproof and can be reverse engineered with enough effort and technical skill, these solutions are probably good enough for the average PHP script vendor.
I agree with Samoz's suggestion to keep the logic server side, however this can often be hard to do. The best strategy is to make the user want to buy it by offering updates automatically to registered users, as well as installation, advice and good support. You are never going to sway people hell bent on pirating, however your goal should be to persuade those who are undecided as to whether to pirate or purchase the script.
Jumping in very late to this conversation, but saw this question featured. Nobody mentioned contacting a lawyer and pursuing litigation. You likely saw the script on a server - hosted by a known hosting company - you can probably get a DMCA takedown to have the script removed. If you really press the case, you may be able to sue for damages.
If your script won't consume a lot of bandwidth, you could keep your "logic" server-side, as samoz suggested, but if your users won't use it responsively ( a crawler, for example ), this could be trouble.
In general it's hard to prevent users from stealing code when the program is written in a scripting language and distributed in plain text. I've found that did a really nice job of being able to sell PHP code but still give the code to users.
This is one of best nulled script website to download nulled themes, scripts and apps. Our premium resources will help you to create a beautiful web and mobile site, and can avoid costly investments of yours.
Our main products are PHP+MySQL scripts primarily for online advertising and marketing. We also have different plugins & themes for websites built on Wordpress platforms. We undertake custom development based on our product platforms as well development of complete solutions from scratch.
As so many others, I've been a victim of having a PHP product of mine be nulled and put available on the internet to download freely. The purpose of this question is to try to make it more difficult for someone to null an entire PHP application by understanding how it's done and other perspectives on how to avoid it as much as possible.
Nulled scripts are commercial web applications that you can obtain from pirate websites that have been modified to work without a license key. They are the web equivalent of pirated software. They include commercial WordPress themes and plugins.
Yeah, I knew about this some months ago.I downloaded a script for study and suddenly my Avast! Antivirus alerted.On scanning I discovered social.png was the culprit.So I simply used the antivirus to remove it and then saw the above php code in the theme files and removed it too.Now it is standard practice to scan every theme I get no matter the source. Safer that way.
I have already found such line of code in a nulled theme but never noticed that it was a malicious code. Just thought the code was wrong (misplaced) and strange and removed it.Thanks for making me aware of this. 2ff7e9595c
Comments