PHP Obfuscation - Upload PHP scripts here - Any .php Script (commandline / web based)
README
For a seamless obfuscation of your PHP scripts, please abide by the following rules:
- Ensure all uploaded PHP scripts are properly named:
- All PHP scripts submitted must have the .php extension:
- my_script.php
- Avoid spaces in the names of your scripts:
- my script.php
- Once a php script is dropped into the Upload area, it will be automatically obfuscated.
- After obfuscation completes, you will be redirected to the download page.
- The download page will have a separate "Zip Link" for the obfuscated version of each uploaded php script.
- OR, you can just click on the "PACKAGED" link to get all freshly obfuscated php scripts in one zip file.
For subscribers:
In the space provided for User List, specify the comma seperated list of usernames you wish to grant access to your encrypted scripts. Note, the username(s) provided during encryption will be only usernames able to run the encrypted script(s). The script will not function for any other user!
For subscribers:
In the space provided for Host List, specify the comma seperated list of hostnames(fqdns) you wish to grant access to your encrypted scripts. Note, the hostname(s) provided during encryption will be only hosts on which the encrypted script(s) can be run. The script(s) will not function on any other host!
For subscribers:
In the space provided, specify when you wish for your script to expire.
- 7d = 7 Days
- 2w = 2 Weeks
- 4mo = 4 Months
- 7000d = 19+ Years
- July-18-2022_15:00 = Specific date
Examples:
If no option is selected, the default option will be "off". Which means your script will not expire!
In the space provided for Function names, specify the comma seperated list of functions you wish to protect, if using RStudio/Rconsole.
Choose 'no' (recommended) to disable the ability to debug your encrypted script
This setting forces your protected PHP script to validate itself with our servers before allowing users to run it.
- NOTE: If an attempt is made to run a satelite enabled obfuscated PHP script on a host without internet connectivity, the script will abort.
To ensure your obfuscated scripts can only be imported from other obfuscated scripts, configure the following settings:
- Unique Company Name = Set this to your companyname....(.i.e. apple.com, google.com, cnn.com)
- Import Access Key = Set a password here to be assigned to all scripts being encrypted
- Note, this is only needed if Admin Imports and Allowed Importers have values. Do not enter anything here if you're not encrypting imported modules
- Admin Imports = Specify the names of the main/master scripts which will be importing other scripts
- Allowed Importers = Specify here the names of other scripts which the main/master scripts will be importing
Currently available only for Subscribers:
PHP Obfuscator - Obfuscate PHP Scripts (Web-based & CLI)
The complexity of your PHP script does not matter. At all.
Any PHP script obfuscated by AtShai.com/EnScrypt.io should be expected to work exactly as the original. If your original plain text php script has bugs in it, then, yes, the obfuscated version will also have bugs. Therefore, we strongly recommend confirming the plain text php script you're uploading actually works.
We are very confident our PHP obfuscation tool can thoroughly obfuscate any php script given to it and we welcome you to test and confirm for yourself. If your obfuscated php script is unable to execute for some odd reason, there's no need panic or feel dejected (we actually understand). Just notify us immediately so we can address it.
Yes. The process through which a php script is obfuscated is the same for both command-line based scripts and web based scripts.
Simply upload your desired php script and within 2 to 5 seconds you'll have a freshly obfuscated php script...ready to use.
No. The obfuscated version of your php script will behave exactly as the original. No extra addons or special modules will be needed to execute it.
All functionalities available in the plain text version will also be available in the obfuscated version.
Yes.
For the free service provided on this page, you can obfuscate the same scripts as many times as you wish. The scripts will always expire within 24 to 48 hours.
For the paid service, you can obfuscate the same php scripts multiple times. It won't count against the total allowed for your plan.
- example1.php can be re-submitted multiple times
- example2.php can be re-submitted multiple times
- example3.php can be re-submitted multiple times
- example4.php can be re-submitted multiple times
- example5.php can be re-submitted multiple times
However, when the list of all php scripts submitted for obfuscation is uniqued, the total cannot be more than the number of scripts allowed for the plan you purchased.
Example:
But example6.php cannot be submitted, because you’ve already submitted 5 different scripts before it.
It is highly unlikely for a valid php script obfuscated by us to encounter issues with execution.
In the very rare event that happens, you have two options:
- Contact us immediately and provide as much information as possible
- We will prioritize issues like this with the utmost urgency
- If we're unable to fix the problem to your satisfaction
- We will gladly issue you a refund!
Before making a purchase, consider the following:
- Try uploading some of your php scripts first, using the free obfuscation portal available on this page.
- Note, all php scripts uploaded through this free portal will expire within 24 to 48 hours.
- However, the obfuscated php scripts that were produced by it will be fully functional for the duration of their valid period.
- If any of the php scripts you obfuscated does not work exactly as the original, let us know as soon as possible.
- We are very, very proud to be the one and only robust and versatile obfuscation for PHP code that just works.
- There's nothing complicated for you to figure out or configure. You just upload your php script and within seconds, you'll get back an obfuscated copy!
- Every single obfuscated php script protected by us will work, as the original. No special loaders or addons necessary to run them.
Yes. However, the size of an obfuscated PHP script can be reduced through the security settings applied to it during obfuscation.
While we do keep a watchful eye over obfuscated script sizes, please note that in the grand scheme of things the script size shouldn't be of too much concern...so long as the obfuscation delivers on protecting your code and the obfuscated code isn't noticeably slow.
Nevertheless, we understand every customer is different. Therefore, if it is critical for you to have the sizes of your obfuscated scripts significantly reduced, just contact us. We'll create a customized solution for you.
Protect PHP Code - Secure variable content, Hide Source Code
All PHP scripts uploaded through this free portal will have some strict security features enabled by default.
Default Security Features
- Duplication Prevention
- This feature ensures the name you gave to your obfuscated script at the time of obfuscation is the same name it will be forever known by. If changed, script will abort.
- Expiration Date Control
- This feature ensures all submitted PHP scripts expire within 24 to 48 hours. The allowed time is verified remotely, with our servers. This means we will be notified of all unauthorized attempts to prolong the usage of the obfuscated php code.
- Self-Defend/Self-Destruction
- This feature handles the process of terminating the execution of a protected script whenever it is under attack. We understand once an obfuscated PHP script is sent out into the wild, anyone can try all sorts of hacks on it. As such, we built in some defensive capabilities in all obfuscated PHP scripts to combat this very real possibility. If during execution of a protected PHP script, we sense that it has been maliciously altered, we will cause the script to abort, and self destruct!
Yes. All paid customers are allowed to specify expiration dates (among other settings) and decide how their protected php script should behave in the event of an attempted hack attack.
We are different in a number of ways. We'll name a few common ones.
- Our PHP Obfuscator converts plain text php scripts, in their entirety, into a format that bears no resemblance to their original plain text version. Yes, we do much more than just scramble variable names.
- Additionally, we go far beyond the already herculean task of protecting source code. Sure, that is the foundation upon which our objective was planted.
- However, we figured out rather quickly (through the misbehaviors of some users, and the suggestions of others) that, in addition to code obfuscation, it is also necessary to be able to track where in the world one's intellectual property (i.e. scripts) is being utilized.
- And as such, we have security settings available for users to enable if they wish to monitor the whereabouts of their source code.
- We require no addons. Yes, your obfuscated php script (generated by AtShai.com) will function just like the original does, without the need for special 'loaders'.
If any one of your obfuscated php scripts isn't working exactly as the original version, don't panic. Just let us know. We'll help you get to the bottom of the issue.
An obfuscated php code will fail to execute if any of the following conditions are true:
- The plain text version of the php script (which you submitted) is buggy and does not work.
- If this is the case, you'll need to fix that first before re-submitting to the php obfuscator.
- The obfuscated php script was altered in one way or other..i.e. adding/removing text from it, script name was changed, script was put through a debugger
- If this is the case, you'll need to get the fresh copy of the obfuscated script from the zip file that it came in OR just undo the unauthorized changes.
- You're running the obfuscated php script on a host on which you configured it not to run on.
- If this is the case, you'll get an error alerting you about the issue.
- You're attempting to import an obfuscated php script from within a non-obfuscated plain text script
- If you obfuscated your php script with the 'secureimport' setting enabled, then tried to 'include' or 'require' it from an unprotected script, you will be confronted with an error message.
- You're attempting to execute a satelite enabled obfuscated php script on a host without internet connectivity
- Whenever a php script is obfuscated with the satelite feature enabled, that means the author wants to retain tight control over the usage of the script
- And if this is the case here, the obfuscated script will fail to function, and might even self-destruct if it cannot remotely validate itself.
Our PHP Obfuscator has quite a number of security settings, some of which have already been listed on this page.
However, there are some other settings that will NOT be made public unless to an established customer.
- We take the security of all php scripts protected by us, very seriously.
- And as such, we consider certain security features too sensitive for public disclosure.
- It is worth noting that some of these private settings were developed specifically for clients with unique customization requests.
- Therefore, if you wish to have a particular setting customized to your liking or created, feel free to reach out to us.
If you obfuscate a php script which you intend to "include" or "require" from other php scripts, please note the following:
- For obvious security reasons, we have restricted the ability to import an obfuscated php code from within a non-obfuscated plain text php script.
- If you wish to include php scripts from within other php scripts, you'll need to ensure all associated php scripts are obfuscated.
- If an attempt is made to include or require an obfuscated php script from within a plain text php script, the obfuscated php code will fail to execute.