Should we obfuscate the activation API secret?

  • Hi,
    Since users can edit PHP files and read the contents I’m wondering if it would not be appropriate to obfuscate the activation API Secret key. What do you think?
    Thanks!

Viewing 4 replies - 1 through 4 (of 4 total)
  • Plugin Author mra13

    (@mra13)

    This will vary depending on your project. Yes, you can obfuscate it. They still need a valid license key to activate it.

    Thread Starter Sergio De Falco

    (@sgr33n)

    Ok, thanks! do you have some method to suggest?
    I could protect it with a password but then knowing the encrypted key could be the same as pass a decrypted key? then how can I pass a function to decrypt the string to SLM? does SLM have a filter?

    Thanks,
    Regards

    Thread Starter Sergio De Falco

    (@sgr33n)

    Ok, I found the action slm_api_listener_init that can be used to do this.
    Thanks.

    Plugin Support mbrsolution

    (@mbrsolution)

    Hi, that is good news. If your issue is resolved can you mark this support thread as resolved.

    Thank you

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘Should we obfuscate the activation API secret?’ is closed to new replies.