Re: use php but not access the source
> > Yes, I think eventually I'm going to just give them some php that
connects[color=blue][color=green]
> > up to my site (on the same server) and requests my site do the work.[/color]
>
> Being on the same server isn't going to help you any, because shell
> access will still allow the files to be read.[/color]
They don't have shell access.
[color=blue]
> However, you could chroot
> the ftp, then the users can only browse the files in their home
> directory - if they only have ftp access.[/color]
Maybe you're not understanding me. I would put a "connector" on their site
that just querries my site for the results. My site then runs the full php
source that builds the results and sends them back to the connector. The
connector then formats the results and sends them back to the user that
requested them.
My code at no time would ever exist on their site or their ftp directories
for them to even see them.
Even if they had shell access they couldn't see them, as the shell wouldn't
give them access to my site's home directory.
[color=blue][color=green]
> > And it would allow that their site could eventually reside on another
> > server, although that's not an optimal solution.[/color]
>
> Maybe not an optimal solution, but if you don't want the code to get[/color]
out...
Like I said, I don't have to do it this way (allow them to run on another
server), but at least if they wanted/needed to I could.
I foresee this business growing so much that I will have to put the client's
sites on one set of servers and put my site across several servers "behind"
theirs. That way I could grow my site to as many servers as I needed to
according to the load and I could add more client servers as I signed up
more clients.
> > Yes, I think eventually I'm going to just give them some php that
connects[color=blue][color=green]
> > up to my site (on the same server) and requests my site do the work.[/color]
>
> Being on the same server isn't going to help you any, because shell
> access will still allow the files to be read.[/color]
They don't have shell access.
[color=blue]
> However, you could chroot
> the ftp, then the users can only browse the files in their home
> directory - if they only have ftp access.[/color]
Maybe you're not understanding me. I would put a "connector" on their site
that just querries my site for the results. My site then runs the full php
source that builds the results and sends them back to the connector. The
connector then formats the results and sends them back to the user that
requested them.
My code at no time would ever exist on their site or their ftp directories
for them to even see them.
Even if they had shell access they couldn't see them, as the shell wouldn't
give them access to my site's home directory.
[color=blue][color=green]
> > And it would allow that their site could eventually reside on another
> > server, although that's not an optimal solution.[/color]
>
> Maybe not an optimal solution, but if you don't want the code to get[/color]
out...
Like I said, I don't have to do it this way (allow them to run on another
server), but at least if they wanted/needed to I could.
I foresee this business growing so much that I will have to put the client's
sites on one set of servers and put my site across several servers "behind"
theirs. That way I could grow my site to as many servers as I needed to
according to the load and I could add more client servers as I signed up
more clients.
Comment