Jump to content

Limit code to only run on one domain

ojsimon

By ojsimon
in PHP Coding Help

 Share

Recommended Posts

ojsimon Regular Member

ojsimon

Posted
Posted

Hi

I am trying to protect my php script from piracy. I do not want to use a commercial protection script, instead i was wondering if there was a bit of php code i could use to make my code only run on a certain domain specified? I could then encode this script so that they can't change this. Any ideas?

 

thanks

Link to comment
https://forums.phpfreaks.com/topic/135558-limit-code-to-only-run-on-one-domain/
Share on other sites
premiso Regular Member

premiso

Posted
Posted

Check $_SERVER variable. Also be aware, that if you can encode your script, someone else can decode it.

 

Wouldn't exactly work.

 

<?php
echo $_SERVER['HTTP_HOST'] . "<br />";
$_SERVER['HTTP_HOST'] = "BLAH";
echo $_SERVER['HTTP_HOST'];
?>

 

All I Would need to do is make a mock up of your script and include the file after I set the server variable to what I want.

 

Sucks I know.

premiso Regular Member

premiso

Posted
Posted

no but if i encoded this so that it was invisible.

 

True, but then if someone decodes that and sees that check, they could easily just tell people about it and viola. They don't even need to decrypt but one page to figure that out.

 

I am just saying, if you are going to encrypt it I would do more than just a domain check. I would also make a hash in there for that domain (check the domain via the referrer on your end) that has to ping to a license deal on your server and check if that hash is valid for the domain requesting it.

 

Either way though, if they decrypt the code they will probably remove the checks. I am just saying that I would have a licensing system in there to help make it a bit harder than just setting that server variable like done above...

 

The main issue is just being able to be decoded, it really puts you off at how easy someone can do it and steal your script and use it.

ojsimon Regular Member

ojsimon

Posted
  • Author
Posted

What i was thinking is maybe when they buy the script they enter the domain they are going to use and it generates a serial relating to the domain, they insert this into the script config file. This is then turned into the domain and run into that script you said above. Would this work better? I understand about the encoding problem but unfortunately nothing is uncrackable, but some protection is better than none.

Thanks

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.