
What to consider in writing a linux daemon in php and compile it with hiphop for obfuscation

We want to write a Linux service in php and compile it with HIPHOP. Since we started the project with php and we could do all the programming in-house instead of hiring a c++ programmer etc. we would love to stick to php. Speed in execution is not (so) relevant for us since the daemon is just doing some monitoring but we would like to close up the code to obfuscate it. The daemon will do some network communication and logging to a db. Is this a viable route to go? In another post someone described that hiphop needs special attention in programming since not all php features are implemented. Is this still the case? I would love to here your overall opinion on our idea.


  • HIPHOP is quite a beast to handle. It is very limited, so it depends specifically on your application and where it will be deployed. Remember, at present it only runs on 64 bit architectures .. so if you wanted to deploy on a 32-bit machine, you are immediately stuck in the mud.

    You may have to build many different binaries for different linux distro's depending on the nature of your application. Since HipHop only works well on Fedora and CentOS, you are severely limiting your scope. Once you move off of the PHP interpreter, you lose a very large amount of interchangeability between operating systems (Think about it: Windows, Virtually all Linux, All Major BSD Distributions, ... )

    Also keep in mind, I'm not sure to what extent you want to "obfuscate" your code. If you want to make network calls, etc and keep those hidden as well, a packet sniffer can see exactly how you are communicating with the outside world extremely easily.

    Likewise, a debugger and a reasonably seasoned programmer will be able to reverse engineer your binary to a larger degree than you may be aware.

    You may want to look into alternatives such as Zend Encoder or IonCube Encoder would be the preferred method to go about things, but these are non-free options. There are other encoders out there as well that you may want to look into.

    I'm not exactly sure what you're doing other than "monitoring", so I can't say for sure. But a secondary option would be simply to severely limit the amount of code that is being run on the client machines (assuming they are reporting to a server machine) and let the server machines, which are assumed in your total control, handle more processing if any way possible.

    I invite you to simply explore the idea yourself by testing, since once again, it's extremely dependent on the nature of your application and where you intend to deploy it. (And for many people, something like "where to deploy" can change rapidly). HipHop was created with a very narrow scope: Run PHP code as fast as possible. It isn't designed to be highly flexible or highly interchangeable between OS's and CPU Architectures. Please consider this before you write a large application reliant on it, and please make sure you fully understand every implication of using HipHop. Test, test, test.