Is there a way to encrypt or enclose my code on my Linux server after deployment? I know Zend does some kind of encryption, right? Is that what people use? Is this even poss
If the file-system on your server has been compromised, then all is already lost. The best you can do is restrict folders, which are writable by web-server's user.
Also keep the application code outside the DOCUMENT_ROOT
. Publicly available should only be the file you actually intend to show user, or which would not show any sensitive informations: like an index.php file which contains and include ../app/bootstrap.php
.
You could use Zend Guard, but this would impact owner of the code. You might not be always the one maintaining it.