Msg#: 4005963 posted 1:16 am on Oct 13, 2009 (gmt 0)
i need your opinion on this. i have built one php based cms and want to generate revenue from each copy i sell. do i need to have some encryption and licensing system built in so only intended people can use for only intended purpose.
what do you thing if i go without secure cms how much it would affect my business, before my cms gets Brandise someone else can start selling it on their own name.
Msg#: 4005963 posted 5:54 am on Oct 13, 2009 (gmt 0)
The problem with encryption is customers may not be happy running code on their servers when they can't see what it is doing. This is especialy true if them have bought the software from you.
There are some things you can do to limit the software being used by sites that hve not purchased the script. For example if you have an install page where the user can configure and set up the cms add a 1x1 pixel from your own server. This will give you clues as to where is is being installed. This can be removed quite simply by an experienced user who is aware of it being there, but it may help you track down some installs.
Piracy is a big problem, and you may well need to take legal action if you find someone else selling your software.
Msg#: 4005963 posted 7:32 am on Oct 13, 2009 (gmt 0)
You could encrypt one file say for example key.php and you email this file to the customer as part of the purchase. Explain that this file unlocks the software. you could use this file to include other importaint files. For example making navigation invisible in the admin area if the "key" isn't installed. You could then track installs using the key file.
Again this may cause issues with customers not knowing what the file does. I think you may need to be clear with them and explain it logs where the softare has been installed.
Another possible issue with encryption is do all hosts support the decryption and parsing of encrypted code? I know most of the encryption companies offer the decryption software (for the server) freely, but it might not be installed on many hosts.
Msg#: 4005963 posted 4:19 pm on Oct 13, 2009 (gmt 0)
Even if you encrypt parts of the code, you still need to give the client the decryption routines, and a knowledgeable programmer can circumvent that easily enough, unless i'm missing something?
One thing i've been thinking of, not sure how feasible it is: break the software into two parts, one part has the code to create the webpages off the database and also maintain user contribution such as comments, the other part has the modules to maintain the website's actual structure and content. The first part goes to the client server and the second part stays on your server. So now, when the client wants to make a change to their website, they have to login to your server, and of course they can only do that if they've paid.
This way, at least part of your software is never delivered to clients and can't be copied. The drawback is that you need to write some extra rock-solid, secure code to push the changes from your server to theirs, and your server needs to be rock-solid too so clients can access it all the time.