i've developed an application for my company (php-mysql-jquery) and we are trying to sell this application to different companies. The problem is that we are not selling it directly, but we have our service provider as an intermediary. My boss fears that since our service provider hosts the application, he can simply copy the folder of the application, the db, and then sell it as it'开发者_运维知识库s own.
So, here comes the question, is there a way i can lock the application to run only on a specific server? What i was thinking of is some sort of "stratup check, based on the ip of the server and the actual folder of the "index.php" that, if not passed, blocks the application. Of course i obfuscate my code so that it's not possible to reverse engeineer the check.
something like (just to be clear):
$allowanceToken = md5($_SERVER['SCRIPT_FILENAME'].$_SERVER['SERVER_ADDR'].$mysecret);
//i imagine md5 is not sure enough...
Have you gote better ideas, or, even better, there are some standard procedure - best practicies for this?
What prevents the service provider from removing your security code from your script? Even if you hide it, rename it, translate it to chinese - they can and probably will find it.
Solution:
- Find a good partner which you trust.
- Make sure your partner will profit enough.
- Create a good contract and both sign it.
精彩评论