Running a website from an encrypted partition
I am looking at the possibility of running a PHP-based website (built in symfony) from an encrypted partition on a LAMP server. The reason for this is开发者_如何学C because a client would have access to the server but I don't want them to see the source code behind the php website.
I am open to other solutions if this is not possible. For example, possibly running the site from a virtual machine instance that cant be accessed easily.
I am not a big fan of simply obfuscating the code because, according to other posts, it can be easily reversed.
Is it possible to run a PHP app within an environment which is not human-accessible/readable?
I don't see how an encrypted partition will help here, as the web server will need access to it, and somebody with access to the machine will know how to use that.
A virtual machine will probably be the easiest thing to secure, because you can serve web pages, but restrict filesystem / RDP access to it.
There are also reliable obfuscation/pre-compilation solutions on the market. With the latter, you can distribute bytecode that is also speed optimized, which is an argument to present to the client.
If the enemy has physical access to the machine, you've already lost; it's certainly possible for them to get the source code. Encryption inside a virtual machine might make it a little more difficult, but they can always dump the memory, then use techniques described by J. Halderman et al to extract the keys. And ff it's just an encrypted partition (no VM), it'll be mounted and easily accessible. So no, unless you control the physical machine, you can't secure it from attacks by the machine's administrator, regardless of whether it's encrypted.
The reason for this is because a client would have access to the server but I don't want them to see the source code behind the php website.
Rubbish. How will you run a web-site having source code completely hidden? Apache needs it uncovered to process with PHP in order for your website to work.
精彩评论