The performance gain of HipHop over APC isn't that great for all the extra headaches:

http://php.webtutor.pl/en/2011/05/17/drupal-hiphop-for-php-vs-apc-benchmark/

You also aren't talking about re-engineering Drupal core just for HipHop, but the thousands of contrib modules. A lot of these modules are written by people who really don't care that much about HipHop or the headaches of having to compile and recompile code to get their modules working.

You are talking about a big red herring here. Obfuscation will not protect your source code. Even if you compile it to machine code, if someone wants it bad enough they will get it. The PERL community went through this for years then realized it just didn't work. As matter of fact they decided it was such a waste of time that they ended up putting it in their FAQ:

http://perldoc.perl.org/perlfaq3.html#How-can-I-hide-the-source-for-my-Perl-program%3f

Anything is just going to give you a false sense of security. But again, what you are describing is a federal crime. You really don't have to worry about this happening and if it does, file a criminal complaint. 
Jamie Holly
http://www.intoxination.net 
http://www.hollyit.net
On 12/26/2012 8:52 PM, Austin Einter wrote:
Hi Lary
Thanks for input.

I am not going to distribute code to any customer. It is developed by us (taking Drupal as base) and we will be hosting it. We will never give it to any customer in future also.

The only worry is, in hosting company, if any of their ADMIN guys takes code and give to other competitors without our knowledge. Ofcourse I will have root access and its going to be a dedicated solution. But I feel thats not the solution. One can just take hard disk, put to another machine, copy data and then again put back to original machine.

Otherwise absolutely no worry

Probably Drupal community need to think in line of hiphop or develop something similar.

Thanks a lot.
Austin




On Wed, Dec 26, 2012 at 11:18 AM, Larry Garfield <larry@garfieldtech.com> wrote:
The last I heard, HipHop doesn't work with Drupal because Drupal uses parts of PHP that HipHop doesn't support.  Really, HH is not a general solution for PHP performance tuning.  You have to write code with HH in mind for it to be effective, which Facebook did when creating HH.

As far as "protecting" source code, the GPL license basically says you can't do that; or rather, it's worthless to do so because anyone you distribute the code to is legally entitled to the un-obfuscated source code as well.  That includes any custom modules you write.  Note that only triggers if you distribute the code to someone else; putting code on a web server does not count as distribution (AFAIK), so the host is not legally entitled to do anything with your code other than host it.

That said, if your business model for your site relies on some non-trivial set of modules remaining forever-secret, then your business model is already buggered and you need to find a new one.  Really, the investment in working with the community rather than building a lot of custom code that you have to maintain is worth far more than your custom code.  That will be especially true then next time you decide to do a major version upgrade, where you'll find yourself with a lot of custom code that only you can possibly upgrade and no one willing to help you in the slightest.  That is a bad bad place to be.

--Larry Garfield


On 12/25/2012 05:38 PM, Austin Einter wrote:
Thanks a lot all.

I know Drupal is open source, I wanted to protect only the custom modules developed. I learnt from this discussion that -

1. Take a dedicated m/c, so root access is with me. That gives some protection.
2. Will go for a trusted / reputed web hosting company.

On a side note, I read somewhere a separate branch is maintained for Drupal code base (probably 7.4) that is compatible with hihop use., Can somebody give more information in this regard such as is it maintained and available for latest Drupal 7 releases..

Thanks and Regards
Austin



On Tue, Dec 25, 2012 at 10:12 PM, Richard Damon <Richard@damon-family.org> wrote:
On 12/25/12 10:49 AM, Jarry wrote:
> On 25-Dec-12 16:26, Austin Einter wrote:
>> I am worried for few things.  Lets say I will be taking a dedicated
>> server say from rackspace or doster or godady and host my site as a
>> commercial one.
>>
>> I would not doubt the companies like rackspace or godady ..., but
>> difficult to believe admin engineers who may take the source code and
>> give it to somebody else for few dollars..,
> Source code of what? Drupal or some modules? Drupal is GPL-ed,
> so anybody can have it. Or your own drupal-module? I'm not sure
> but I think if you develop something for Drupal, you have to
> distribute it under the same license at no charge. So which
> php-code you want to obfuscate and why?
>
> Jarry
> ---
>
The GPL means that *IF* you distribute the results, you need to provide
the source, but there is no requirement to publish source if you do not
distribute your "product" (i.e. for your own use). This is good, as it
means you are not required to publish your settings.php file with your
database passwords!

This does mean that if you produce as a product a Drupal module, (I
believe) you can not just distribute it as a protected file, you need to
provide the source for it, but this is only if you distribute it.

--
Richard Damon

--
[ Drupal support list | http://lists.drupal.org/ ]





--
[ Drupal support list | http://lists.drupal.org/ ]