Protect iOS Project


Virbox Protector supports to protect/encrypt the iOS project with GUI tool and CLI tool both.

Here we use the project "CoupletLabel" as a example to introduce how to use Virbox Protector to protect and distribute the project to Apple store.


  1. it is suggested to protect iOS projects in Mac machines.

  2. Disable the "bitcode" option when you compile/build the IPA main program.

  3. Virbox protector doesn't support to protect the IPA package directly. you can unzip the IPA file and protect/shielding the .app file, click to select the :"Sign" and then to generate a new the IPA package.

Protection Process: by Virbox Protector GUI tool

Compile and build xcarchive file in xcode

Compile and build xcarchive file which contained the dSYM file


 Xcode->TARGETS->Build Setting->Build Options->Debug Information Format

to select to enable Option:

DWARF with dYSM option


The purpose to select and enable this option is to make the xcarchive file being build contained the dSYM file, which to show the function's names when Virbox Protector parse the iOS project. otherwise the functions will only show the relevant address respectively.

Diable the Bitcode option

Currently, Virbox Protector doesn't support the bitcode, so it is necessary to disable the option of "bitcode"

Xcode->TARGETS->Build Setting->Build Options->Enable Bitcode->no;

Build and archive the project

Build/Archive the project: Xcode->Product->Archive

Next, Go to the Archive page

Select the project archived and right click in "Finder" to open the project

Find the the xcarchive being built, and right click Show Package Content

Go to the archive, find the un-protected application located at:


Use Virbox Protector to Protect iOS Project

Open Virbox Protector GUI tools and Sign-in with your account

Find the sub directory which "application" located, Drag the "applications" into the Virbox Protector GUI tools

Protect the critical functions (in Function option tab)

Go to:

Function Option tab and click "Add Functions" button in upper right corner of the page

Click the "Add Function" button in Upper right corner to select the functions which need to be protected, and right click to select the "Protection mode" to each functions: Virtualization, Obfuscation, or No protect


The Functions selection and protection process to iOS project is similar process to Android and native application process. more information you may refer Android protection process or Native project protection process.


Please save the dYSM file into the same directory of app files located. then Virbox Protector may parse and shown the function's name. Otherwise, the functions parsed will be shown the address only;

For xcarchive package, it is no need to save the dYSM file into the same directory. Virbox Protector will reading relevant information automatically.

The dYSM file location: as shown in below:

General Protection Setting (Setting in Protection Option tab)

Go to "Protection Option" tab

Set the Output path and output file name, click box in right to change output path and output name;

Set the protection option to iOS apps in General to prevent debugging and decompiling

Memory Check: To prevent apps being tampered.

Objective-C, Name Obfuscation: To prevent the Objective-C class dumping, to get the name of method.

Debugger Detection: to detect the debugger, to prevent dynamic analysis and debug apps

Strip Debugging Info: To remove the debugging information

Sign Setting

Click to enable the Signature option, then please keep the signature certificate in consistent with the certificate signed when Xcode compile and build the xcarchive, and then the protected apps has been signed on default.

If you doesn't click to enable the signature, then the protected apps will be Not signed on default. so, it is necessary for developer to sign the protected applications manually (for example, use the "codesign " command line to sign, or use the iOS App Signer tool to sign the apps), and keep the certificated signed consistent with the certificate signed when use Xcode to built project.


If the protected apps will be installed in the mobile which non jailbreak. make sure the account specified in Xcode compiling: signing>Team, is consistent with the account used to sign in Virbox Protector.

Click "Protect Selected Project" to start protection

When protection completed, following "file" will be generated:

***.app.ssp: this is the configuration file which saved the setting of Function Option and Protection Option Tabs. this configuration file location is same as the original file. so it is no need to re set the configuration when you use the Virbox Protector to re protect the file. use the previous configuration file will be fine.

/protected/***.ipa: the new IPA package which protected and new generated;

/protected/***.app: the new application after protection/shielding.

Distribute the Protected Application to App store

Before distribute the application to App store, it is necessary to back up and move the original applications to another folder. and:

Move the protected application to the folder which the original application located. please don't save it in the xcarchive package.

after above update completed, back to Archived page and click "Distribute App" to launch applications

Protection Process: By Virbox Protector CLI tool

Generate the configuration file

In this step, Use Virbox Protector GUI to set the protection option in "Function Option" and "Protection Option" Tabs to generate .SSP file.

The setting process is similar with the process by use of Virbox Protector GUI tool to protect the apps. only difference is in last step, after you complete the all setting options, click the button:

Save all Configuration

as shown in below snapshot.

This configuration file generated will be used by CLI tool in second steps.

Use Virbox Protector CLI to protect iOS apps

Go to the sub directory which Virbox Protector CLI tool located and find the CLI tools

find the Virbox Protector app, open the app folder, you can find the


under the /contents/MacOS/bin directory

View "Help" information:

Open the terminal windows, go to the folder: "virboxprotector_con", input:


to view the help information

Execute the protection command

 virboxprotector_con -o 


How to find the Virbox log file if the protected application crashed

The issue: if the protected iOS application crashed when running in the mobile terminal, it is necessary to submit the log file (which contained the collapse information) to Virbox support teams, so developer need to find the log file and submit to Virbox team.

Step1, Please connect the mobile with the mac machine, and make sure the IP address of mobile keep the same IP network segment with the mac Machine's.


Open the Xcode, select the Windows>Devices and Simulator Option

Click View Device Logs Option

If the IP address of mobile is in the same network segment with mac machine, if the application running in the mobile terminal crashed, then the log file will be automatically synchronized to following page:

Click the Type to be the "Crash", right click "Export Log" and save the log to local machine.

How to use the Command line for code signing

1 Use the command to query the digital certificate in the machine

 security find-identity -v -p codesigning 

2 Use the command codesign the application

  codesign -fs <certificate info>  ***.app 

3. How to pack the application into IPA pacakge

Create a folder, folder name is payload

save the protected application into the folder created in above steps

Compress the payload folder (on default compress in zip file)

rename the suffix from .zip to .ipa

Last updated