Protecting code

[Slime101]

I own and run a number of commercial websites and it has been mentioned by a collegue that we really ought to try and protect our interests a little more than we do.

We have a suppliermanufacturer, who is very intersted in our systems, for their own use - due t the nature of the work we have to grant them FTP access to the site to fulfill another part of our work.

Is there any way we can stop them stealing, or using our code by restricting their access to only the directory they need access to?

 

[therubble]

That type of security is basic in most FTP servers, just create an account that only has access to x

 

[Toytown]

It should have been the first thing you did?

When you set up there FTP account, did you just give them access to the webroot? Or did you just give them your user/pass, both are incredibly stupid things to do.

When you setup an FTP account, you can specify a ton of different access/security features, the directory they access to, is just 1 of them.

 

[Slime101]

The account was created as a user account in ensim...how do i lock it down to keep them from prying?

 

[Mark M]

IF it was me I would already have all the code by now anyway

 

[Slime101]

IF it was me I would already have all the code by now anyway

Yes, well thankfully they are slightly more trustworthy than that and know the consequences of messing where they shouldnt, however still wish to lock it down.

 

[Slime101]

Anyone?

 

[Adz]

chrooting them into a directory will need to be done by your hosting provider, if it's not possible within the control panel (it is with cPanel but I'm not that familiar with Ensim).

If you want to go one step further, you could encode your PHP (assuming PHP) with Ioncube.

HTH

 

[Slime101]

Cheers Adam

 

[meghatronic]

Cheers Adam

Or write a php file transfer program that only 'works' for that dir and give them that?