One of the most reliable ways to protect scripts from learning and modification today is obfuscation.
Obfuscation (from lat. Obfuscare, “shade, darken”) - obfuscation of the program code, that is, casting the source text to a form that preserves the program’s functionality, but complicates the analysis, understanding of work algorithms and modification.
The first stage of deobfuscation is the formatting of the script text, hyphenation, and alignment of the code with an easy-to-read "ladder". For this, I use two tools. WaterProof Software has developed a small (less than 100 kilobytes) free program to format phpCodeBeautifier PHP script code . To download it from an offsite, free registration is required, so here is a direct download link for your convenience. The program is console, command line parameters can be found in the instructions from the archive. For lovers of windows there is a GUI version, although it’s older, but you can attach a console file from the latest version to it.
When formatting large scripts, the browser may display a message that the script is frozen and will offer to stop its execution. This is not necessary, just processing takes more time.
If variable names were not replaced during obfuscation, then after formatting the code, deobfuscation can be considered complete. In any case, the script is already much more readable and understandable.
If the names of variables and functions are spoiled, then we pass to the second part of deobfuscation. Here, unfortunately, there are no ready-made tools, well, or at least I have not seen them. If someone wants to take up writing such a tool for free, then I can provide a detailed technical task. For now, we have to limit ourselves to theoretical calculations.
This article describes only the general principles of deobfuscation, for each case it is necessary to think over and apply an individual approach. But usually, to perform hacking or parsing an algorithm of a particular function, complete deobfuscation is not required.