tirana

tirana

Is there a way to protect, somehow, the source code of a Phoenix web app?

Let’s say, there’s a server I have access to and which belongs to a customer. I’ve set up and launched a Phoenix app on it.

Because of our agreement with a customer, I’m not obliged to provide the source code of an app. The only thing I have to do is to lauch it end ensure that it works. Besides, I have a reason to try to protect the source code.

Question: how could I a) protect, or b) make it more difficult to get access to

the source code of said application?

More concretely:
1.1) Is there a way to distribute an app in the compiled form only?

I know how to build a release manually, and I’ve done it. However, there’re so many files there in it, and I don’t know which ones are essential for an app to run, and which aren’t.

1.2) Is there a way to also obfuscate the source code? Whether it be before, during or after compilation.

I’m aware that the maximum I could do is to make it more difficult to access the source code, or understand it. rather than protect it completely. And this is fine.


P.S. My local OS-es and the one on a server are identical. Therefore, I can compile a release locally. And I can set up all the env. locally as well.

Most Liked

al2o3cr

al2o3cr

Technical solutions can only put minor obstacles in the way. The correct tool for this is called “contract law”, and it doesn’t involve any software changes.

If you’re still interested in putting the obstacles in, it would be useful to think through exactly what you’re aiming to prevent. For instance, just writing really poorly-structured code with confusing function names would prevent anybody from understanding but that probably isn’t what you want :stuck_out_tongue:

10
Post #6
AstonJ

AstonJ

Some posts have been removed.

@tirana, please be considerate towards those taking time out of their busy day to contribute to a thread you’ve posted. If somebody replies with something that wasn’t quite what you were looking for you can just ignore it - it’s quite possible that that same piece of information might help someone else reading the thread in future. Please keep in mind we are a nice friendly community here :smiley:

LostKobrakai

LostKobrakai

When you build a release (e.g. using mix release) it won’t include source-code.

Where Next?

Popular in Questions Top

siddhant3030
Hi, I have to write a raw query for one of my project. But till now I have used ecto queries and don’t have much experience writing raw ...
New
Darmani72
If I have a post route which an argument: post /my_post_route/:my_param1, MyController.my_post_handler How would get the post params ...
New
chrisalley
ExUnit now has describe blocks which is a welcome addition coming from RSpec. In the docs, it states that nested hierarchies of describe ...
New
mgjohns61585
Could someone help me? I’m making my first elixir program, number guessing game. I can’t figure out how to convert the user’s guess from ...
New
jerry
Good day to you all. I have been struggling to get a query involving like and ilike to work. Can anyone assist me on this, please? pro...
New
jay1
Why is it that the mnesia database isn’t the most preferred database for use in Elixir/Phoenix?
New
freewebwithme
Using vs code and installed ElixirLS: support and debugger. And I got an error popped up on start up says Failed to run ‘elixir’ comma...
New
jason.o
In the code below, if the create action is not set to accept “extra_key” as an input, it errors out with a message shown above. Is there ...
New
chensan
I have a User schema with a :from_id field set to type :string: defmodule TweetBot.Repo.Migrations.CreateUsers do use Ecto.Migration ...
New
JorisKok
I have a server on AWS, and was running a load test using artillery. When looking at the Phoenix dashboard I see the Ports going to 100% ...
New

Other popular topics Top

sen
Hi All, I set a environment variables in dev.exs , like below code. when i start server, how can i set the ${enable} value? thanks. d...
New
mcarvalho
What is the difference between System.get_env and Application.get_env? For example, what are best practices to use one versus another.
New
shahryarjb
Hello, I have map which I want to convert it to string like this: the map: %{last_name: "tavakkoli", name: "shahryar"} the string I ne...
New
minhajuddin
I have seen a lot of code which picks the first element from a list using Enum.at(0) instead of List.first. Is there a reason why people ...
New
stefanchrobot
What’s the safe way to decode a JSON string into a struct? I want to avoid calling String.to_atom. Jason.decode can give me a map with st...
New
freewebwithme
Using vs code and installed ElixirLS: support and debugger. And I got an error popped up on start up says Failed to run ‘elixir’ comma...
New
fayddelight
I tried installing elixir 1.11.2 erlang 23.3.4 via asdf in my zsh shell. Enabled the versions locally and globally. When I list them ...
New
dblack
I’ve got an issue with an app and I’ve no idea of how to troubleshoot it. I’m hoping someone here might have seen something similar. I p...
New
PeterCarter
There are pre-rolled solutions for other frameworks that do work. However, Phoenix does not seem to have these. Have people had good expe...
New
lanycrost
Hi everyone! I need implement if…else if…else condition from my elixir code, and anymore of this control flow structures not work proper...
New

Latest on Elixir Forum

Elixir Forum

We're in Beta

About us Mission Statement