rolling out php web applications on client's intranet

Express the business side of your digital lives. Share your experiences and/or your comments regarding a business or organization.

No advertising.

Moderator: General Moderators

Post Reply
konstandinos
Forum Commoner
Posts: 68
Joined: Wed Oct 04, 2006 4:20 am

rolling out php web applications on client's intranet

Post by konstandinos »

hi all

i would like to hear from you guys what your thoughts are on rolling out php apps at client sites. whether they're custom apps designed for the specific client, or generic apps that you've developed in your own time and are licensing out to numerous clients...

what are your thoughts on setting up the environment on the client's network?

the php programs i have in mind are web-apps to be used on client intranets, that make use of mysql databases (and if need be, apache).

please point out issues at hand (such as how you explain to clients that on top of paying for your software, they also need to purchase a linux box to run it for example).

selling tips would be appreciated.

thanks
User avatar
Burrito
Spockulator
Posts: 4715
Joined: Wed Feb 04, 2004 8:15 pm
Location: Eden, Utah

Post by Burrito »

Moved to 'The Enterprise'
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Post by Kieran Huggins »

One idea is to have it run on an existing windows machine in one of those wamp packages (like uniform server).

Maybe a VM would be better suited... the VMware player is free - build a tiny web server image with your app on board.

Failing that, a Mac Mini could do wonders!
konstandinos
Forum Commoner
Posts: 68
Joined: Wed Oct 04, 2006 4:20 am

Post by konstandinos »

ok thanks kieran.

the VM/mini-server image sounds like a good option, since most of my clients use windows server anyway.

what would you recommend when it comes to protecting my php code? i'm aware of Zen Guard, but it costs far too much. i am hoping there is a cheap (read: free) alternative out there somewhere.

thanks
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

Be aware that all the "protection" (encoding) solutions have been broken. So if anything, it's a fairly thin veil of protection.
konstandinos
Forum Commoner
Posts: 68
Joined: Wed Oct 04, 2006 4:20 am

Post by konstandinos »

that's bad news :(

my predicament is that i reside in a country where bandwidth is expensive.

i could offer to host my clients' php-based web-apps on my own servers, which although ends up costing the client far more. i don't have to worry about my code being copied around without my knowledge.

but this seems like narrow-minded thinking. thus i am considering the option of setting up apache based lan boxes (read: lamp) on the clients' intranet and running my php apps off of there. hence the concern about source code security.

i've even looked at Encfs for linux but that seems like an overkill.

i can't find a good solution to this problem. and it is frustrating.
User avatar
Kieran Huggins
DevNet Master
Posts: 3635
Joined: Wed Dec 06, 2006 4:14 pm
Location: Toronto, Canada
Contact:

Post by Kieran Huggins »

EncFS and it's counterparts seem like the best solution to me so far - that way you could just populate a webroot in EncFS and it would drop-in to a non-encrypted VMware setup.
User avatar
feyd
Neighborhood Spidermoddy
Posts: 31559
Joined: Mon Mar 29, 2004 3:24 pm
Location: Bothell, Washington, USA

Post by feyd »

I would recommend a well written contract that does not give them the rights to make copies of the software among other restrictions. If you are supplying these physical servers you can lock them, place security tape on their outsides and lock down their software if you want to deny them access to that level of information.

You could also get hosting in other countries that do not have such high bandwidth costs.
Post Reply