How to protect my source code when deployed?

Question

Is there a way to encrypt or enclose my code on my Linux server after deployment? I know Zend does some kind of encryption, right? Is that what people use? Is this even poss

Answer 1

If the file-system on your server has been compromised, then all is already lost. The best you can do is restrict folders, which are writable by web-server's user.

Also keep the application code outside the DOCUMENT_ROOT. Publicly available should only be the file you actually intend to show user, or which would not show any sensitive informations: like an index.php file which contains and include ../app/bootstrap.php .

You could use Zend Guard, but this would impact owner of the code. You might not be always the one maintaining it.