This is a fork of the Docker PHP demonstrating how Encrypted Execution can be applied to PHP, and consumed seamlessly by PHP users or even hosters.

Use Encrypted Execution PHP exactly like you would use standard PHP containers. Simply mount your PHP application to /vanilla-html:

Important: Mount your application to /vanilla-html (NOT /var/www/html). The container automatically copies and optionally transforms your files at startup.

Perfect for development and testing:

docker run --rm -v ./my-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Access your site at http://localhost:8080

Enable runtime scrambling for enhanced security:

docker run --rm -e SCRAMBLE_ON_START=true -v ./my-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Note: First startup takes ~30-60 seconds for scrambling and transforming your application files. Your mounted files in /vanilla-html remain untouched.

WordPress:

docker run --rm -v ./wordpress:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Laravel:

docker run --rm -v ./my-laravel-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Symfony:

docker run --rm -v ./my-symfony-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Custom PHP App:

docker run --rm -v ./my-custom-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Add to your docker-compose.yml:

services:
  web:
    image: ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest
    ports:
      - "8080:80"
    volumes:
      - ./my-php-app:/vanilla-html
    environment:
      - SCRAMBLE_ON_START=false  # Set to 'true' for production

Complete stack example:

services:
  web:
    image: ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest
    ports:
      - "8080:80"
    volumes:
      - ./my-php-app:/vanilla-html
    environment:
      - SCRAMBLE_ON_START=false
    depends_on:
      - db

  db:
    image: mysql:8.0
    environment:
      MYSQL_ROOT_PASSWORD: example
      MYSQL_DATABASE: myapp
    volumes:
      - db_data:/var/lib/mysql

volumes:
  db_data:

1. Mount Point: Use /vanilla-html instead of /var/www/html for your application
2. Automatic Transformation: When scrambling is enabled, your PHP files are automatically transformed to use scrambled keywords
3. Safe Mounting: Your mounted files remain untouched - transformations happen on internal copies
4. Drop-in Replacement: Just change the image name and mount point in your existing setup
5. Optional Scrambling: Enable SCRAMBLE_ON_START=true when you need it
6. No Code Changes: Your PHP application code stays exactly the same

We've included a complete demo application you can run immediately:

# Clone the repository
git clone https://github.com/encrypted-execution/php.git
cd php

# Run the demo app (development mode)
docker run --rm -v ./examples/simple-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Then visit http://localhost:8080 to see:

• Interactive PHP form with session tracking
• PHP configuration and loaded extensions
• Live demonstration of PHP functionality
• Modern, responsive UI

Try with scrambling:

docker run --rm -e SCRAMBLE_ON_START=true -v ./examples/simple-php-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

The demo app works seamlessly with both vanilla and scrambled PHP - your application files are automatically transformed when scrambling is enabled!

See examples/simple-php-app/README.md for more details.

For a minimal test, create a test directory with a simple index.php:

mkdir test-app
echo "<?php phpinfo(); ?>" > test-app/index.php
docker run --rm -v ./test-app:/vanilla-html -p 8080:80 ghcr.io/encrypted-execution/encrypted-php8.5-apache-debian:latest

Visit http://localhost:8080 to see PHP info.

1. All scrambling code is under /encrypted-execution
2. To produce a new PHP version (on whatever distro), you basically need to do the equivalent of:
   • Pick up that Distro+Webserver directory from upstream Docker PHP repo
   • Modify Dockerfile to import the Encrypted Execution builder image to get the tools
   • Right after building full-php, run the encrypter so that the Zend parser is scrambled
   • Rebuild. The incremental build should be fast (this is how we live-reencrypt running code so fast.)

Follow the Encrypted Wordpress repository for pre-built wordpress running on Encrypted Execution PHP.

All modifications, patches, changes: when not automatically applicable under The PHP License for whatever reason, are granted under the Apache 2.0 License.

NOTE: Copyrights to all code is belong to Polyverse Corporation. This isn't a problem unless you want to relicense this.