If you are here then there's no doubt that it's because you want to prevent one of the following things from happening.
It's either because you want to make sure that your PHP source code does not get into wrong hands i.e To ensure that it is not being modified or read by anyone.
Or it could be because you want to make sure that your application(The one you developed in PHP) is not redistributed illegally.
That's where ionCube comes in.
We'll get in how to install ionCube on ubuntu 16.04 in a second but before that let's find out what's ioncube.
So, what is ioncube ?
"ioncube" is a tool/PHP encoder that helps you solve the above problems by implementing techniques such as Compiled Bytcode protection and Binary Code Obfuscation.
We are going to see the step by step installation process. This process will help you to install ionCube on Ubuntu 16.04 here.
Here are the steps that you have to follow when you want to install ionCube successfully on your system.
- Finding the right version of ionCube.
- "ionCube" Setup
- Confirm the ionCube installation.
Before we jump into installation process let's take a quick look at prerequisites.
You will need an Ubuntu 16.04 server to be installed on your system.
Refer this guide for Ubuntu server setup
And you need to have a web server installed on your system. It could either be apache or Njinx.
Installing ionCube on Ubuntu 16.04:
- Finding the right version of ionCube:
Make note of this point:
First and foremost check ioncube version and see if it's compatible with PHP version running on your web server.
So, before you do anything else you need to find out:
a) The PHP version supported by your web server.
b) And an answer to the age-old question of whether it's a 32 bit or 64 bit Ubuntu server.
The question of whether it's 32 bit or 64 bit always comes up whenever you want to download and install a new software or tool on your system.
For that, first, you have to go to the root directory of your web server and then create a file, a new file and name it phpinfo.php.
$ sudo nano /var/www/html/info.php
The phpinfo.php file should contain nothing but the code shown below.phpinfo(); ?>
Copy this code and paste it into your phpinfo.php file.
Once that's done save the file and close it.
Open the browser.
Then access the info.php file by using http://enteryourserver's_ip/info.php
It will take you to a webpage that will give you the PHP version compatible with your web browser.
The header of the web page will give you the version of PHP on running on your web browser.
The first few entries on the web page will be
System, Server API, Virtual Directory Support, Configuration File (php.ini) Path, Loaded configuration file, Scan this dir (directory) for additional ini files and so the list goes on.
All the information will be displayed in a tabular format.
The System row will help you figure out if it's 64-bit PHP or 32-bit PHP.
Take a look at the lengthy line in the System row.
The line will end with either x86_64 or i686. If it ends with x86_64 then your web browser supports 64-bit PHP. And if it ends with i686 then your web browser supports 32-bit PHP.
- "ionCube" Setup
Now that you have that information let's move on to the installation of ionCube on Ubuntu.
You will have to download ioncube loader php 7. It contains a list of ioncube encoder 10 loaders.
In this case, the server runs 64-bit PHP so we have to download the 64-bit linux file.
If your server runs 32-bit PHP then download the 32 bit linux file.
Once the file is downloaded you have to extract the archive.
Use the below command to extract the content of the archive. This command is specifically for 64-bit PHP.
$ tar xvfz ioncube_loaders_lin_x86-64.tar.gz
What this command does it extracts the content from ioncube_loader_lin.tar.gz file you downloaded.
It will create a directory with the name "ioncube". In this directory, you can find the suitable PHP file version. In our case, the version is PHP 7.0.
After you find the file you have to copy it to the PHP extensions folder.
Do you remember the phpinfo.php you created?
Access the web page using http://enteryourserver's_ip/info.php.
When info.php loads, search for extension_dir.
extension_dir will give you the location of where you have to copy your ioncube php 7 version file.
Use the following command to copy the file to that location.
The location will be given in below format
So, the command for copying the location will be:
$ sudo cp ioncube/ioncube_loader_lin_7.0.so /usr/lib/php/20151012/
In order to load the ioncube extension, we have to add it to the PHP configuration.
Now, go back to http://enteryourserver's_ip/info.php and look for Scan this dir (directory) for additional ini.
It will give you the location where you have to create a file.
The location will be displayed in the below format:
Create a file named 00-ioncube.ini.
The 00 in the filename will make sure that ioncube.ini will be loaded before any of the other PHP configuration files.
You can use the following command to for creating the file.
$ sudo nano /etc/php/7.0/apache2/conf.d/00-ioncube.ini
When the file is created add zend extension php ini shown as below.
Save your file and close it.
The changes will be applied once you restart the web server.
Note that if you are using php-fpm, you may want to restart that as well.
That takes care of almost everything.
Let's check whether the ioncube install was successful.
- Confirm the ionCube installation.
Go back to the http://enteryourserver's_ip/info.php web page. It will seem like we are going back to info.php a lot, but that's where you will find everything.
Once there you can simply search for "ionCube".
It will lead you to a find where you'll see
ionCube PHP Loader(enabled)
A word of advice. Once you have confirmed that the extension has been installed and enabled.
Delete the php.info file.
keeping the file will make you a target for potential attackers, as they will be able to view your server info.
You now have a completely functional ionCube extension.
You now have a secure environment for all your PHP applications. It will act as theft-protection for your applications as well as will prevent people from reading or modifying your source code.