Web Application Obfuscation by Mario Heiderich, Eduardo Alberto Vela Nava, Gareth Heyes, David Lindsay

The PHP programming language has a rough history in terms of security and bugs. Therefore, people have been highly critical of the language. For example, a lot of problems were and still are exploitable remotely, and they enable code execution on the affected Web server, stealing information, manipulating data, and interfering with the Web application and runtime's code flow. Often, virtual private server and shared hosting solutions have been targeted by attackers, since attacking the PHP instances on one virtual server instance compromises the entire box, even if the other instances were already secured thoroughly. Also, so-called “security improvements” ...