BLENC is an extension that permit to protect PHP source scripts with Blowfish Encription. BLENC hooks into the Zend Engine, allowing for transparent execution of PHP scripts previously encoded with BLENC.
It is not designed for complete security (it is still possible to disassemble the script into op codes using a package such as XDebug), however it does keep people out of your code and make reverse engineering difficult.
Extension have been tested with PHP versions 7.4 - 8.1.
As upstream project seems to be stalled this should be consired as fork of it. Current code is compatible with original BLENC.
Using Blenc it not very well documented and you can mess up your code and you can't get it back. So please test with test scripts and then apply to your big commercial project! and remember to backup code before encoding.
As said above. If you encode and forget your decode key your code is not easily decoded. As every encoding BLENC also breaks so this is not 100% safe and Using BLENC only makes getting code exploration slower and hides code from amateurs! (it is still possible to disassemble the script into op codes using a package such as XDebug)
First compile as php extension. Install shared object (Windows .DLL and Unix systems .SO) to your php-extension directory. After that enable extension and encode your files. Add decoding keys and start using.
# ./configure
# make
# cp .libs/blenc.so to /some/where/php7/extensions/
Find where your PHP INI files are and add to blenc.ini file:
extension=blenc.so
; The location where BLENC can find the file containing a list of
; available decryption keys. This file must be readable by web-server.
;
blenc.key_file = "/location/to/conf.d/blenc.keys"
To encode your file you can run blencode.php or make you own better script
blencode.php script.php which should output this kind of output
BLENC blenc_protect starts...
BLENC blowfish unencrypted key: 61078a970fdab66038c8cc8f12548d73
BLENC file to encode: script.php
BLENC backup file : backup/script.php.2018_05_31_10_05_53
BLENC size of content: 24
BLENC MD5: 0358c26c0bb6f612d8dc7b004bf68143
BLENC redistributable key: miWqx+zKq0rnRa2wt4jk8v5ckGBRxhS3in041fUJkWU=
BLENC redistributable key file key_file.blenc updated.
BLENC done.
Your old unencoded file in at backup-directory and encoded file is renamed script.phpenc (which is symlinked to script.php). Your encode key it at blenc.key which is not encoded and if someone can get that he or she can decode your scripts at ease! Encoded key is on key_file.blenc which you need to copy /location/to/conf.d/blenc.keys. If you like use some other encryption key of your like then add it before encoding to blenc.key.
If you have added keys to correct place you should be able to run it as before. There is no promise made that everything works as expected!
For extra safety main encoding key should be changed in blenc_protect.h (It's named BLENC_PROTECT_MAIN_KEY). default is '0123456789abcdef0123456789abcdef'. In blenc_protect.h you can also make module expire.
Current formating is mainly One True Brace Style (1TBS) with some changes:
astyle --indent=spaces=4 --style=1tbs --max-code-length=120 --lineend=linux --align-pointer=name --align-reference=name --add-braces --formatted --convert-tabs --break-after-logical --pad-oper --break-blocks=all --indent-col1-comments *.c *.h
It's tested with CI when doing Pull Request.