Jump to content

Copy protectiong a CMS application


billybones

Recommended Posts

I have developed and built my own CMS, which uses a core file for all configuration and functions.

The CMS will be sold to companies on a project basis that could essentially steal it and re use it over and over again.

 

So i thought to stop this i could host the Core file on my web server which would contain an array of domains it is allowed to be included on, then include it from the CMS on the clients hosting.

This would obviously protect people from re using, but is it a good practice?? and would it even work?

Thanks in advance.

 

Link to comment
Share on other sites

as far as working goes yeah it probably would (might have problem cross-domain requests) but nothing that cant be gotten around.

 

but consider this:

- your bandwidth usage might go through the roof and increase your hosting expense

- you become liable for ANY downtime that clients experience (and i mean its happened to google who have like a cluster of a billion servers and there's always external factors that our out of your control that could have an impact)

- you'll be the script-nazi or something equivalent

 

and there's a ton of other reasons NOT to do this.  first of all, read this (open-source license comparison) ok now im not trying to push my beliefs on you or brainwash or anything like that but as long as you live in the US (or another country with decent internet/intellectual property legislation) making it open-source != giving it away.

 

the very first e-commerce solution i implemented i used a paid template for (ecommercetemplates dot com or something like that) and it actually never went live but was a great learning experience (so i can technically still use it btw) but anyway the point im getting at is they had a decent way of guaranteeing what you're trying to do.

 

Updates.

 

That's all.  Updates.  Basically you pay a 1-time fee download the current version in all its open-source glory and use it.  And you get 6 months free updates.  After that you keep sending update emails (unless they opt out) and your customers will realize that if its a good product its worth paying for updates/support.

 

In fact, support is probably where you might have the potential to make the most money as opposed to sales.

 

Other positive aspects are offering addons and themes and stuff and the major advantage of making it open-source is that your clients can customize it to match their branding, which is a HUGE plus for them (at least it was for me when i was in that position).

 

Now as far as stopping people from using the app on more than one project/domain you could enforce this by making your clients tell you where its hosted.  i dont think there'd be a problem with that.  so you still have your list of allowed domains.  and if you find it elsewhere being used for commercial purposes than you take legal action.

 

you could also and i definitely don't support this sneak in some little snippet of code that pings your domain so you know who's using it (but if its open source it can just as easily be removed).

 

Anyway good luck! :)

Link to comment
Share on other sites

oh and i almost forgot:

 

even though i said CMS and you clearly stated it too was thinking e-commerce the whole time...lol... sleep deprivation does take its toll.

 

if its a cms and you are bent on making money of it then open source may not be a good alternative because a cms could be a blog, news site, etc (personal use) which doesnt infringe the license.

 

so there is an alternative to protect your code:

 

OBFUSCATE THE HELL OUT OF IT!!!  ;)

 

seriously.  dont mean to be one of those "google it" pricks, but there's links to free php apps that do exactly that in at least 6 of the first 10 results! :)

 

also take a look at the PHAR extension/class/whathaveyou at first it seems like zipping it, but if you read a bit further down the documentation mentions a multitude of ways to encrypt and protect your source.

 

the plus here is that it makes it easier to distribute too :)

 

but be warned, pretty much anything can be reverse-engineered.  ok depending on the encryption you use it could take days, weeks even months, but it will happen!

Link to comment
Share on other sites

lol not necessarily :)  you could just create some sort of batch or wait, what am i talking about, PHP script (!) that obfuscates/PHARs all the stuff automatically.

 

so you work with normal code then run the script, grab the jibberishy output and distribute it.

just make sure you use some sort of version control so you don't shoot yourself in the face by mistake :)

 

either way, give some thought to what i mentioned about user customization... imagine if all blogs looked like that default blue and white wordpress theme  ;D  at least give them a nice customizable theme engine to work with!  ;)

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.