I want to sell a copy of my script to another person, my script is basically HTML AND CSS, but being a Checker, it needs a JS that passes the data to a PHP API and then it returns it to a of the index.
I know that the CSS and the JS are practically impossible to protect because they are on the client side, but I want to protect the Checker system.
How can I protect all my script? Can I put the PHP API on another server and from there transfer it to the of the shopper?
Or will there be a way to add code to the buyer's PHP API and have it check some data on my server, and if it is not there the Checker will not work?
In short, I want to AVOID leaving the PHP file in the buyer's script, because it is what makes my Checker work nd I want to prevent it from being stolen, since it is a personal checker.
Thank you very much in advance, I only know the basics of PHP and JS, currently I only master 100% HTML and all about CSS.
CodePudding user response:
You could let the customer use your version of the software ( that you host yourself ) and restrict their access with something like an API key. You would need to check before each request if the api key is present and if it's still valid.
This would allow you to control who has access to your script, without having to "give" away your code.
API authentication, in itself, is a whole subject and can get very complicated. I would suggest you start with a simple API key and see how it works out for you.
The youtube channel fireship.io has a great video on the subject. I highly suggest you check it out.
CodePudding user response:
You cannot really protect your JS because it executes on the user/customer computer. You can obfuscate it but it's a bad practice because it makes it had for your customer to debug and maintain their site and they will not buy your program.
In fact the customers are usually testing your service and integrate it before actually paying it.
You don't have to protect all your work, since copying the JS is pretty useless without the PHP. Only keep the PHP for yourself on another server.