Home Original page

GitHub - archisgore/php: Fork of official PHP Docker Libraries with Polyscripting overlays on top

Publish Encrypted Execution Tools

Publish 8.5 Apache on Debian Bookworm

Encrypted Execution PHP

This is a fork of the Docker PHP demonstrating how Encrypted Execution can be applied to PHP, and consumed seamlessly by PHP users or even hosters.

Quick Start

Running Your PHP Website

Use Encrypted Execution PHP exactly like you would use standard PHP containers. Simply mount your PHP application to /vanilla-html:

Important: Mount your application to /vanilla-html (NOT /var/www/html). The container automatically copies and optionally transforms your files at startup.

Basic Usage (Without Scrambling)

Perfect for development and testing:

docker run --rm -v ./my-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Access your site at http://localhost:8080

Production Usage (With Scrambling)

Enable runtime scrambling for enhanced security:

docker run --rm -e SCRAMBLE_ON_START=true -v ./my-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Note: First startup takes ~30-60 seconds for scrambling and transforming your application files. Your mounted files in /vanilla-html remain untouched.

Real-World Examples

WordPress:

docker run --rm -v ./wordpress:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Laravel:

docker run --rm -v ./my-laravel-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Symfony:

docker run --rm -v ./my-symfony-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Custom PHP App:

docker run --rm -v ./my-custom-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Docker Compose

Add to your docker-compose.yml:

services:
  web:
    image: ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest
    ports:
      - "8080:80"
    volumes:
      - ./my-php-app:/vanilla-html
    environment:
      - SCRAMBLE_ON_START=false  # Set to 'true' for production

With Database

Complete stack example:

services:
  web:
    image: ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest
    ports:
      - "8080:80"
    volumes:
      - ./my-php-app:/vanilla-html
    environment:
      - SCRAMBLE_ON_START=false
    depends_on:
      - db

  db:
    image: mysql:8.0
    environment:
      MYSQL_ROOT_PASSWORD: example
      MYSQL_DATABASE: myapp
    volumes:
      - db_data:/var/lib/mysql

volumes:
  db_data:

Key Differences from Standard PHP

  1. Mount Point: Use /vanilla-html instead of /var/www/html for your application
  2. Automatic Transformation: When scrambling is enabled, your PHP files are automatically transformed to use scrambled keywords
  3. Safe Mounting: Your mounted files remain untouched - transformations happen on internal copies
  4. Drop-in Replacement: Just change the image name and mount point in your existing setup
  5. Optional Scrambling: Enable SCRAMBLE_ON_START=true when you need it
  6. No Code Changes: Your PHP application code stays exactly the same

Try the Demo App

We've included a complete demo application you can run immediately:

# Clone the repository
git clone https://github.com/encrypted-execution/php.git
cd php

# Run the demo app (development mode)
docker run --rm -v ./examples/simple-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Then visit http://localhost:8080 to see:

  • Interactive PHP form with session tracking
  • PHP configuration and loaded extensions
  • Live demonstration of PHP functionality
  • Modern, responsive UI

Try with scrambling:

docker run --rm -e SCRAMBLE_ON_START=true -v ./examples/simple-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

The demo app works seamlessly with both vanilla and scrambled PHP - your application files are automatically transformed when scrambling is enabled!

See examples/simple-php-app/README.md for more details.

Testing the Setup

For a minimal test, create a test directory with a simple index.php:

mkdir test-app
echo "<?php phpinfo(); ?>" > test-app/index.php
docker run --rm -v ./test-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Visit http://localhost:8080 to see PHP info.

Development

  1. All scrambling code is under /encrypted-execution
  2. To produce a new PHP version (on whatever distro), you basically need to do the equivalent of:
    • Pick up that Distro+Webserver directory from upstream Docker PHP repo
    • Modify Dockerfile to import the Encrypted Execution builder image to get the tools
    • Right after building full-php, run the encrypter so that the Zend parser is scrambled
    • Rebuild. The incremental build should be fast (this is how we live-reencrypt running code so fast.)

Wordpress

Follow the Encrypted Wordpress repository for pre-built wordpress running on Encrypted Execution PHP.

License

All modifications, patches, changes: when not automatically applicable under The PHP License for whatever reason, are granted under the Apache 2.0 License.

NOTE: Copyrights to all code is belong to Polyverse Corporation. This isn't a problem unless you want to relicense this.