CommentLuv Premium will soon use IonCube


Post Views for Sep :
andy
I am the creator of CommentLuv Premium
andy
andy
You can get your own content published on this site as long as you have CommentLuv installed on your site.

Doing so means you get exposure to thousands and thousands of other CommentLuv users and your posts get sent out to the massive subscriber list.

Google loves this site and indexes it multiple times per day and posts always get lots of comments so you can be sure of some excellent exposure.

See the Write For Us page for more details

btw.. you can get this author box here

no piracy

Some things are changing … soon

I was supposed to be on the new payment model for CommentLuv Premium by now.

but I couldn’t for 2 reasons…

1. health reasons are the main cause

and also,

2. I bought a house!

combine 1 and 2 and you have a recipe for arrrrggghh!

First thing to change…

Before I move everything to a new payment model with 6 monthly subscription for updates (and some really nice extras) I have to set the plugin security to use ionCube

If you don’t know, ionCube is a way to encode a php file so it can’t be reverse engineered or nulled.

You have to have the ioncube loader installed to your server but luckily, almost all decent hosting has it already.

hostgator hosting has it

rackspace does too

and many others

I tried obfuscation of the code and that works up to a point but once it has been cracked, it’s basically game over unless you want to spend ages sending out DMCA notices (which I’ve done before – successfully)

WTH?

I know it wont be popular with a few people.

mainly those with cheap and nasty hosting or self built or co-located servers where there was no need for the owner to install php with ioncube included.

thankfully I’ve been monitoring CommentLuv Premium stat checks for the past month and a half and the number of sites without ioncube is very small

although, in most cases where ioncube isn’t installed – it can be!

it’s not a security risk and it doesn’t tax the server resources so there’s no reason why a hosting provider can’t install it to someones hosting.

Why?

When the new payment model comes in, I want to try some free trial packages

and

also monthly subscription based payment systems instead of the one big lump sum

having unprotected code with these types of systems is not good if someone cracks it and it goes out on blackhat forums

trust me, I monitor those forums and it constantly surprises me at how quick something appears as nulled so soon after it was released.

I have issued DMCA warnings to some sites and gotten commentluv taken off and added to the ‘don’t crack’ list

but for the time it is up it hurts for two reasons..

1. it means lost money!

2. more than money lost, it is dangerous because cracked or nulled versions can’t get updated and any bugs or worse, vulnerabilities, wont get patched.

the nulled version of commentluv that is going around has a serious security problem.

I managed to fix it very quickly in the legitimate version but the nulled one still has the bug and no chance of getting it patched because, well, it’s an illegal copied version. (btw…no legitimate customer has the bugged version)

(it’s a pretty serious bug too so if you have a nulled version, expect to get your site owned by a hacker soon)

How?

First thing that I need to do is update the plugin and auto update system to not allow updating to a version that has IonCube encoded files if the server doesn’t have the extension installed

then I have to make sure that any auto updates from old versions that don’t send the IonCube status of the server to download the non-ioncube version first.

this is something I have been thinking about for quite a while and I’m pretty sure I know what to do so it is as smooth as possible to transition to the new code

When?

the work starts after the weekend… (if my hands and eyes are working properly) <- health issues!

I’ll be sure to get some knowledgebase articles ready before it gets implemented..