Why Offer Online Encoding?

We realised that for some users, the cost of purchasing an encoder product was prohibitive, or just didn't make sense. If you want to protect a 5 line file containing passwords, which would cost just 50 cents with our online encoder, or encode a product or minor product updates just occasionally, spending $$$ or even $$$$ to purchase an encoder may not be justifiable.

With software piracy an ever increasing problem, and with PHP becoming more popular, we felt that the online encoder was a much needed solution. Having now encoded hundreds of PHP uploads via our service, we were clearly right.

Security is of course paramount, and so we use encoding techniques that deliver the most security without imposing unreasonable restratints on the user. The encoder uses Compiled-Code-Translation, and turns scripts into the same compiled form that PHP normally turns scripts into before execution. This is considerably more secure than source encoding and obfuscation, and which in reality simply isn't secure at all.

Our encoder also optimises code to reduce size and gain some performance (our paper on PHP Accelerator Internals gives an example of the optimiser in action), and code is then modified a few times more into our own compiled code format, and encrypted/encoded into its final form.

Whilst it may seem bizarre to transfer the same files that you're trying to protect to a third party, web encoding is actually highly secure, and we use SSL encryption to encrypt uploads and downloads. Source files and archives are contained inside a secure jail that prevents access in, or out, and when encoding is complete, typically just a few seconds after uploading, the jail is removed and the source files are gone.

The Portal also offers an interface that's as easy to use for encoding a single script as encoding an archive of 100's of scripts, and handles jobs of any size with ease, including compressed archives in a variety of popular formats.

The ionCube Loader loads and executes encoded files, and as loaded files aren't turned back into source, and because the loader contains its own execution engine, it is virtually impossible for a code thief to trace script execution. Certainly it would be an extremely laborious and error prone process to go through because neither PHP source code or C source code is available. Being an extension, the Loader is also compatible with safe mode as well as the Zend Optimiser. Installing the Loader requires no changes to your webserver or php libraries, and can be installed with a one line change to the php.ini file, or on many webservers, installed on demand without any php.ini change at all.