The most secure way make a login for the software then make a login encrypted hash to make sure they are logged in from their ip address, password, time, etc on the website or server side

Then you can add all the encrypted software code, all the parts you want to hide on the website or server side what you don't want decompiled. You can also control versions and installs, subscriptions, etc. You can do this with the login hash then use php to check the login hash before giving all the parts of the encrypted software code

Thay may still captur the packets for decrypting them to see the code or Thay may edit the software with their login info then decompile the software. So there is no full way to stop the decompile of the software