Help Center
About BadBlue

BadBlue Encoding System FAQ
BadBlue Help Center  >>  PHP FAQ     BadBlue Discussion     Email support

What is the BadBlue Encoding System?

The BadBlue Encoding System (BES) is designed to let authors secure their valuable source code while allowing them to distribute a fully functional application and web server in a tiny footprint. Part of the BES system is the encoding program (a small, command-line executable) that encrypts the scripts. The other part is the standard BadBlue Enterprise Edition web server, which is needed to run the scripts. For a limited time, BadBlue EE is bundled with the encoding system. If you're new to BadBlue, try the free Personal Edition download with the quick start configuration for PHP so that you can determine whether it's suitable for your application.

Which scripting languages work with BES?

PHP, standard Perl and similar CGI-based scripting languages are compatible with BES.

Can I set an expiration date for my scripts?

Yes. BES provides for both unlimited and expiring applications. When you encrypt a set of scripts, you can specify an optional expiration date. After that date, execution of the script will result in an Expired warning message.

How does BES work?

The following example demonstrates typical usage of BES. The BBCRYPT command-line program is used to encrypt a script or set of scripts. The user can open up a command window and execute the following command:

   bbcrypt "c:\program files\badblue\pe\*.php" /p=secret /o=Order-# "/d=c:\temp\distribution"

This example takes the following configuration settings:

  • the source folder scripts ("c:\program files\badblue\pe\*.php")
  • a secret password (/p=secret)
  • the order number you received with BadBlue EE (/o=Order-#)
  • the destination (encrypted) folder ("/d=c:\temp\distribution")

    This command produces encoded copies of the specified scripts in the distribution folder (which is presumed to exist and should be empty prior to running the command).

    Source Folder
    c:\program files\badblue\pe
    Destination (Encrypted) Folder
    bbcrypt.sig Distribution decoder file
    index.php index.php Encrypted script
    login.php login.php Encrypted script
    ... ... Other encrypted scripts

    The contents of the destination folder(s) - including your unique BBCRYPT.SIG decoder file - are redistributed and executed using BadBlue Enterprise Edition. You can test the execution of your encrypted application by (a) defining a virtual directory that points to the distribution folder; (b) enabling CGICACHING in your EXT.INI file (see below for details) and (c) running the application from the virtual directory.

  • How do I create an expiring and encrypted application?

    The following commands (a) delete the contents of the encoded destination folder; (b) switch the current directory to a folder called appfolder where the application to be encoded resides, and then (c) creates encoded scripts in the destination folder from the originals in the appfolder directory; the destination files are both encrypted and set to expire on December 1, 2002:

       del c:\temp\encoded\*.*
       cd "\program files\badblue\pe\appfolder"
       bbcrypt *.php /p=password /o=Order-# /d=c:\temp\encoded /e=2002-12-01

    Note the use of the /e switch which specifies the expiration date in YYYY-MM-DD format (/e=2001-12-01) The expiration command switch must be specified in year, month and day format (YYYY-MM-DD). When the script is executed after this date, an error message is produced by the server and the script does not run.

    Are sample batch files for creating encrypted applications included?

    Yes. The following batch files are included in BadBlue Enterprise Edition:

       ENCSAMP1.BAT   (sample batch file for expiring applications)
       ENCSAMP2.BAT   (sample batch file for non-expiring applications)

    Note the use of the /e switch which specifies the expiration date in YYYY-MM-DD format (/e=2001-12-01) The expiration command switch must be specified in year, month and day format (YYYY-MM-DD). When the script is executed after this date, an error message is produced by the server and the script does not run.

    What's needed to run encrypted applications?

    The following are necessary to execute encrypted apps:  

  • a copy of BadBlue Enterprise Edition to run the encrypted application  
  • the encrypted destination files including the BBCRYPT.SIG file  
  • an EXT.INI file configured to run PHP and enable caching (see below). For the system that is to run encrypted applications, CGI-caching must be enabled. Add the following to EXT.INI to specify the number of files to cache:


    Remember not to add another [SERVICES] section, just add the CGICACHING statement below the existing [SERVICES] section (e.g., immediately after the PHP configuration statements).

  • How do encrypted applications perform?

    Almost as quickly an unencrypted apps. Encrypted scripts are cached for faster performance but there is a slight performance penalty incurred during decryption.

    Do encrypted applications need logic changes?

    Some encrypted applications may need a slight logic change if they employ certain built-in (server-side environment) variables:

    Built-in Variable Change Needed

    Scripts that don't use these variables should require no changes.

    Non-technical FAQ

    How does licensing and redistribution of my application work?

    BES gives you the unlimited ability to distribute encrypted applications, royalty-free. BES only requires a valid, licensed copy of Enterprise Edition on each PC that is going to run an encrypted application.

    Can someone else with Enterprise Edition steal my code?

    No. BadBlue EE does not provide any direct facility for decrypting/decoding scripts. The distribution decoder file (BBCRYPT.SIG, used by the server to decrypt your application) is completely unique, based upon your password and order-number (see above for details).

    How secure is my application?

    BES uses high-performance, symmetric private-key technology combined with key obfuscation to make it quite difficult to crack. No system is unbreakable, but BES employs several safe-guards against hacking.

    Is the BadBlue Encoding System compatible with the Zend Encoder?

    No. BES uses its own encryption system and can currently be used only with the BadBlue Enterprise Edition web server. For applications that run on non-Windows systems or require the use of Apache or other web servers, BadBlue recommends the use of the Zend Encoder. However, on Windows-based systems, BadBlue Enterprise Edition represents an easy, affordable way to distribute your scripts without disclosing source code.

    Get BadBlue Enterprise Edition via electronic distribution today from our partner SWreg: View the full feature list: EE supports uploads, NT user/group security and much more!
    BadBlue Help Center  >>  PHP FAQ     BadBlue Discussion     Email support