I use something like this:

my $script_text = 'whatever';

# list var/sub names without %$@
# ensure vars can't pop up in other contexts - eg messages
my @obsf = qw (var1 var2 sub1 sub2 ...);

# remove comments - note I use "# ## to denote comment
# to ensure only comments get removed
$script_text =~ s/\s*# ##[^\n]+\n\s*/\n/gis;

# remove extraneous CRs
$script_text =~ s/;\s*\n\s*/;\n/gis;

# and a few other things - html tags - tidy up
$script_text =~ s/>\s+</></gis;

# mess up indenting - make random
$script_text =~ s/\t+/"\t" x (int(rand 6))/ges;
    
# remove some crs
$script_text =~ s/;\s+\}/; }/gis;
$script_text =~ s/\}\s+elsif/} elsif/gis;
$script_text =~ s/\{\s+/{ /gis;
$script_text =~ s/\}\s+\}/} }/gis;
$script_text =~ s/;\s+my/; my/gis;
$script_text =~ s/if\s+\(/if \(/gis;

# obfuscate array stuff majorly
my $i=1;
foreach (@obsf) {
  # create replacement
  my $replace    = unpack ("B32", pack("N", $i));
  $replace     =~ s/^0+(?=\d)//;
  $replace     =~ s/0/I/g;
  $replace     =~ s/1/l/g;

  # replace in script
  $script_text =~ s/$_/$replace/gs;    

  # move on...
  $i++;    
}
[download]

Makes it ugly to read, but anyone with time can unravel it.

Another option is using the Filter packages, but be prepared spending some time reading up on crypto - you have to write your own encryption, I believe. This is a lot more secure than plain obfuscation, but still readable by a determined hacker.

cLive ;-)