HOW TO PROTECT SOURCE CODE DEPLOYED TO A REMOTE SERVER

[Sunday Iyanu Ajayi]

I am working for a client that wants to deploy a project I am working on in a remote server and I will like to project my source code when deployed so that they will not be able to mess with it. 

How can  I  go about it please? 

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

[Kasper Laudrup]

Hi Sunday,

No need to shout in the subject line.

On 15/05/2020 15.21, Sunday Iyanu Ajayi wrote:
> I am working for a client that wants to deploy a project I am working on
> in a remote server and I will like to project my source code when
> deployed so that they will not be able to mess with it.
>
> How can  I  go about it please?
>

Don't give them access to the production server(s)?

Kind regards,

Kasper Laudrup

[Sunday Iyanu Ajayi]

The solution will be hosted on my client's server therefore they have  access to it. That is why I need a way to protect my source code.

- Is there are way to deployed the compiled python file of my django project or encrypt the project file?

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/775ceb24-2293-0bba-16dd-d437852e7da1%40stacktrace.dk.

[Motaz Hejaze]

maybe there is an option in container technologies , docker maybe or other containers types , but i didn't try anything like this  

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAKYSAw3Njg1a0LstB1DALtcd1L6n-M0ChK4pF3W2xZF%3D0m%2BDsw%40mail.gmail.com.

[John McClain]

I'm not sure this is feasible. The issue is likely about getting paid for you and for them about getting what they paid for. There is no work-a-round for this dynamic in coding other than to use sandbox server you control for version control. Once they approve the iterations and pay you can transfer the code. Otherwise, you are going to have to transfer the code and hope you get paid.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAKYSAw2PjNzS0Kutg_-DMvwDqQoTrkWpvjwp7K-6JFR1XZ_%3DLQ%40mail.gmail.com.

--

John McClain

Cell: 085-1977-823

Skype: jmcclain0129

Email: Jmccla...@gmail.com

[Sunday Iyanu Ajayi]

Thanks

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAN-hv_rMjbvxcRWLT03Z-_426Kv%3DfLtPCScBObFJQSisAnkpbw%40mail.gmail.com.

[Jim Armstrong]

When I work on client projects, I deploy to a test server that is under my control. Once the project is complete and they have paid the invoice, I deploy to the production server under their control. At that point, I don't care if they have access to the code - my contracts give the clients all rights to the project code upon completion of the project.

[Sunday Iyanu Ajayi]

I get your point but my solution is kind of a  SaaS Application. the client wants to host it on his controlled server  and if they get the source code, they can replicate, modify and maybe sell it.  Is there a way to host the compiled file or lock the directory to the project.

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/636f0636-30df-4ce2-8629-2be8b208ec37%40googlegroups.com.

[Andréas Kühne]

You can't really do that with Python - however - IF you want to go down that route, you can just use the pyc files - you can theoretically backwards compile them, but I think this is the most you can do.... 

Regards,

Andréas

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAKYSAw3Hqjuz5rD_AsZ5Wa%2B3WBzQ9LN0GzZKHx3D-irztJ1G0A%40mail.gmail.com.

[Derek]

Yes - short answer is you cannot really "protect" Python code directly (see: https://python-compiler.com/post/how-to-distribute-python-program ) 

Long answer - don't sell your code to anyone that you do not trust with it.  Obviously, there is a legal route, but there is also the "name and shame" option.  Sometimes open source is better; you get paid for your time to work on the code rather than trying to sell it as a product - which then you have to try and protect.  The open source option prevents the company from "selling" the code (well, they would look very silly if they tried to do that) and establishes you as the "go to" person for creating and maintaining that type of system. If they do make changes to the open source code, you'd get the benefit as well.  

In general, try and create partnerships with your clients so they want to include you in the development process, rather than treating each as other as competitors.

On Tuesday, 19 May 2020 15:22:13 UTC+2, Andréas Kühne wrote:

You can't really do that with Python - however - IF you want to go down that route, you can just use the pyc files - you can theoretically backwards compile them, but I think this is the most you can do.... 

Regards,

Andréas

Den tis 19 maj 2020 kl 03:36 skrev Sunday Iyanu Ajayi <sunne...@gmail.com>:

I get your point but my solution is kind of a  SaaS Application. the client wants to host it on his controlled server  and if they get the source code, they can replicate, modify and maybe sell it.  Is there a way to host the compiled file or lock the directory to the project.

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

On Mon, May 18, 2020 at 9:28 PM Jim Armstrong <j...@jimwritescode.com> wrote:

When I work on client projects, I deploy to a test server that is under my control. Once the project is complete and they have paid the invoice, I deploy to the production server under their control. At that point, I don't care if they have access to the code - my contracts give the clients all rights to the project code upon completion of the project.

On Friday, May 15, 2020 at 9:22:33 AM UTC-4, Sunday Iyanu Ajayi wrote:

I am working for a client that wants to deploy a project I am working on in a remote server and I will like to project my source code when deployed so that they will not be able to mess with it. 

How can  I  go about it please? 

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

--
You received this message because you are subscribed to the Google Groups "Django users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to django...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/636f0636-30df-4ce2-8629-2be8b208ec37%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "Django users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to django...@googlegroups.com.

[Mike Dewhirst]

On 20/05/2020 4:17 pm, Derek wrote:
> Yes - short answer is you cannot really "protect" Python code directly
> (see: https://python-compiler.com/post/how-to-distribute-python-program )
>
> Long answer - don't sell your code to anyone that you do not trust
> with it.  Obviously, there is a legal route, but there is also the
> "name and shame" option.  Sometimes open source is better; you get
> paid for your time to work on the code rather than trying to sell it
> as a product - which then you have to try and protect.  The open
> source option prevents the company from "selling" the code (well, they
> would look very silly if they tried to do that) and establishes you as
> the "go to" person for creating and maintaining that type of system.
> If they do make changes to the open source code, you'd get the benefit
> as well.
>
> In general, try and create partnerships with your clients so they want
> to include you in the development process, rather than treating each
> as other as competitors.
>
>
> On Tuesday, 19 May 2020 15:22:13 UTC+2, Andréas Kühne wrote:
>
> You can't really do that with Python - however - IF you want to go
> down that route, you can just use the pyc files - you can
> theoretically backwards compile them, but I think this is the most
> you can do....
>
> Regards,
>
> Andréas
>
>
> Den tis 19 maj 2020 kl 03:36 skrev Sunday Iyanu Ajayi

> <sunne...@gmail.com <javascript:>>:

>
> I get your point but my solution is kind of a  SaaS
> Application. the client wants to host it on his controlled
> server  and if they get the source code, they can replicate,
> modify and maybe sell it.  Is there a way to host the compiled
> file or lock the directory to the project.
>

Maybe you need to discuss the client's requirements and license them to
do what you agree is OK and you retain whatever control over the source
you want.

I'm guessing that might be expensive getting a lawyer to do it.

Otherwise, as Andréas said, just deploy the pyc files.

Mike

> *AJAYI Sunday *
> (+234) 806 771 5394
> /sunne...@gmail.com <javascript:>/

>
>
>
> On Mon, May 18, 2020 at 9:28 PM Jim Armstrong
> <j...@jimwritescode.com <javascript:>> wrote:
>
> When I work on client projects, I deploy to a test server
> that is under my control. Once the project is complete and
> they have paid the invoice, I deploy to the production
> server under their control. At that point, I don't care if
> they have access to the code - my contracts give the
> clients all rights to the project code upon completion of
> the project.
>
>
> On Friday, May 15, 2020 at 9:22:33 AM UTC-4, Sunday Iyanu
> Ajayi wrote:
>
> I am working for a client that wants to deploy a
> project I am working on in a remote server and I will
> like to project my source code when deployed so that
> they will not be able to mess with it.
>
> How can  I  go about it please?
>

> *AJAYI Sunday *
> (+234) 806 771 5394
> /sunne...@gmail.com/

>
> --
> You received this message because you are subscribed to
> the Google Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails
> from it, send an email to django...@googlegroups.com

> <javascript:>.

> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/636f0636-30df-4ce2-8629-2be8b208ec37%40googlegroups.com

> <https://groups.google.com/d/msgid/django-users/636f0636-30df-4ce2-8629-2be8b208ec37%40googlegroups.com?utm_medium=email&utm_source=footer>.

>
> --
> You received this message because you are subscribed to the
> Google Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from

> it, send an email to django...@googlegroups.com <javascript:>.

> To view this discussion on the web visit

> https://groups.google.com/d/msgid/django-users/CAKYSAw3Hqjuz5rD_AsZ5Wa%2B3WBzQ9LN0GzZKHx3D-irztJ1G0A%40mail.gmail.com
> <https://groups.google.com/d/msgid/django-users/CAKYSAw3Hqjuz5rD_AsZ5Wa%2B3WBzQ9LN0GzZKHx3D-irztJ1G0A%40mail.gmail.com?utm_medium=email&utm_source=footer>.

>
> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send

> an email to django-users...@googlegroups.com
> <mailto:django-users...@googlegroups.com>.

> To view this discussion on the web visit

> https://groups.google.com/d/msgid/django-users/021a40fa-a755-4d77-addf-dfd112597dbc%40googlegroups.com
> <https://groups.google.com/d/msgid/django-users/021a40fa-a755-4d77-addf-dfd112597dbc%40googlegroups.com?utm_medium=email&utm_source=footer>.

[John McClain]

Hello Sunday,

I wonder if you could deploy to git and use one of the licenses there to protect the code. I think they would be bound by the use the license permits. Have you looked at this as a possibility?

John

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAKYSAw3Hqjuz5rD_AsZ5Wa%2B3WBzQ9LN0GzZKHx3D-irztJ1G0A%40mail.gmail.com.

[Sunday Iyanu Ajayi]

Thank you so much. I really appreciate

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/021a40fa-a755-4d77-addf-dfd112597dbc%40googlegroups.com.

[James Shen]

try to deploy using a container technology like a docker , only expose port 80, and keep the login to SSH to yourself.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAN-hv_pbGUu7Qjm%2BZO7fOmT2H1W2C8Xy%2BhTk_6_BQcUcwc-XbA%40mail.gmail.com.

[Derek]

No; a container is not going to hep with this - see:

https://stackoverflow.com/questions/51574618/preventing-access-to-code-inside-of-a-docker-container

(they specifically mention Python in the answer).

On Wednesday, 20 May 2020 17:20:24 UTC+2, James Shen wrote:

try to deploy using a container technology like a docker , only expose port 80, and keep the login to SSH to yourself.

On Wed, May 20, 2020 at 4:54 PM John McClain <jmccla...@gmail.com> wrote:

Hello Sunday,

I wonder if you could deploy to git and use one of the licenses there to protect the code. I think they would be bound by the use the license permits. Have you looked at this as a possibility?

John

On Tue, 19 May 2020 at 02:35, Sunday Iyanu Ajayi <sunne...@gmail.com> wrote:

I get your point but my solution is kind of a  SaaS Application. the client wants to host it on his controlled server  and if they get the source code, they can replicate, modify and maybe sell it.  Is there a way to host the compiled file or lock the directory to the project.

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

On Mon, May 18, 2020 at 9:28 PM Jim Armstrong <j...@jimwritescode.com> wrote:

When I work on client projects, I deploy to a test server that is under my control. Once the project is complete and they have paid the invoice, I deploy to the production server under their control. At that point, I don't care if they have access to the code - my contracts give the clients all rights to the project code upon completion of the project.

On Friday, May 15, 2020 at 9:22:33 AM UTC-4, Sunday Iyanu Ajayi wrote:

I am working for a client that wants to deploy a project I am working on in a remote server and I will like to project my source code when deployed so that they will not be able to mess with it. 

How can  I  go about it please? 

AJAYI Sunday 

(+234) 806 771 5394

sunne...@gmail.com

--
You received this message because you are subscribed to the Google Groups "Django users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to django...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/636f0636-30df-4ce2-8629-2be8b208ec37%40googlegroups.com.

--
You received this message because you are subscribed to the Google Groups "Django users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to django...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAKYSAw3Hqjuz5rD_AsZ5Wa%2B3WBzQ9LN0GzZKHx3D-irztJ1G0A%40mail.gmail.com.

--

John McClain

Cell: 085-1977-823

Skype: jmcclain0129

Email: Jmccla...@gmail.com

--
You received this message because you are subscribed to the Google Groups "Django users" group.

To unsubscribe from this group and stop receiving emails from it, send an email to django...@googlegroups.com.