ionCube Encoder Version 9 introduced some important new features which are the focus of this article.

Dynamic and External Keys allow the user to add another method of protection to encoded PHP scripts which greatly increase security. This article offers a simplified explanation of these powerful features.


External Keys

What is it: External keys are separate from the encoded file and are required in order for the file to run. If the key cannot be found then the encoded file cannot be run successfully.



‘Script 1#’ indicated by the red key symbol is part of an application and requires an external key in order to be run. The key itself is the full path to ‘file.php’. In order for the script to run it first needs to find the full path ‘myserver/folder3/folder2/folder1/file.php’. If that path is not found then ‘Script 1#’ cannot be run. This does not have to be a .php file.



Dynamic Keys

What is it: Dynamic Keys are a lot more powerful than external keys as they can be used for individual functions. The key itself can *only* be generated by running the encoded file in the expected way.

When the correct key is found it is used to decrypt the byte code for the corresponding function but if the key or encryption method is found to be incorrect then the encoded file will fail to run correctly.



‘Script 1#’ contains the function ‘myfunction();’ and it requires a dynamic key to run. The dynamic key in this case is the value returned by ‘myfunctionkey();’ which is located elseware. When ‘myfunction();’ is run ‘myfunctionkey():’ is computed and returns a value. If this is the expected value then the script will continue to run as expected.

Multiple dynamic keys can be set allowing for ever-increasing levels of protection.



We recommend making use of these great Version 9 features and section 4 of our User Guide contains in depth information on External and Dynamic Keys

ionCube Encoder Version 9: Dynamic & External Keys