Best way to secure source code

mimuk · May 4, 2019, 5:43am

I use wappler to extend a web application that’s hosted on my clients server.

They have a Windows Server with IIS and MS SQL Server.
My Wappler created pages are currently hosted on this same machine.

What is the easiest way to prevent the wwwroot folder of my site being copied and used elsewhere with a slight modification to the database connection parameters in dmxConnect\modules\Connections

Would just copying the .asp pages in dmxConnect\api and hosting on my own server and remove them from the customer machine, modify the paths work?

I would like to have the absolute minimum files on my customers office server.

Many thanks in advance

mimuk · May 8, 2019, 7:50pm

Any suggestions would be really appreciated.

Hyperbytes · May 8, 2019, 8:58pm

I guess, in theory, if the customers MS Sql server would accept connections from your server you could host the fields remotely either via a separate URL or inside iframes but it is not going to be a seamless solution. Difficult to be specific with the limited information you have given

Dave · May 8, 2019, 9:11pm

If somebody has direct root access to the host they could easily copy the entire directory (or if the host is poorly configured and insecure). Likewise if they have backups running, they could restore your directory to another location. In these circumstances there would be little you could do to stop such activity. The best option would be to host your own application and put yourself in charge of access to the files associated with it. Then allow your Client access via strict privileges for example (white-listed I.Ps only etc).

Freddy_Blockchain · May 9, 2019, 4:19am

early years I was using Ioncube. Not sure if it still exists. It secured your code.