In this article we focus on the most powerful features that you can use to protect your code and the differences between them. We will compare standard encoding, External Keys and Dynamic Keys which offer the greatest level of protection.


Standard Encoding

For comparison, here’s how standard encoding/decoding of a file works. The encoding key is part of the file and this is the default mechanism used by ionCube and other solutions.


External Keys

External keys are separate from the encoded file and are required in order for the file to run. If the key cannot be found then the encoded file cannot be run.

The encoded file requires an external key in order to run and the contents of the file itself is used as the key value. External keys can be set as a .ini configuration file setting, the path to a file or a license property. The file doesn’t have to be a PHP file and can be located on a remote server.



Dynamic Keys

Dynamic keys are a lot more powerful than external keys as the key is generated at runtime and unlike the other methods, never exists statically. They are applied on a per function basis.

When the correct key is generated it is used to decrypt the byte code for the corresponding function but if the key or encryption method is incorrect then the encoded file will fail to run.

The encoded file contains an encrypted function which is protected by a dynamic key. The dynamic key is the value of keygen() which is used elsewhere. When the protected function is run keygen() is called and returns a value. If this is the expected value then the script will continue to run.

Multiple dynamic keys can be set allowing for infinitely increasing levels of protection.


We recommend making use of these great features and section 4 of our User Guide contains in depth information on External and Dynamic Keys.

ionCube Encoder Dynamic & External Keys