[Glass] data encryption

In my case, I do a few things:

1) Use HTTPS everywhere possible rather than HTTP. I have nginx with SSL + fast cgi. Be sure to have the gemstone with the latest vulnerabilities fixed. 

2) For user passwords I have 2 type... one way and 2 way encryption. For the first one, I use MD5 (for user login). For the latter I use a nice algo where I merge things of PasswordStoreSplit (which splits a password in pieces and pad the rest with random data) and Blowfish encryption. This is for some kind of passwords I must store and then decrypt to send them somewhere...

And now..not related to encryption but with security and may help:

3) My app is deployed for each "site", which means a whole stone + gems. All gemstone processes of a particular site run under one particular OS user. Say... siteXXX... so all gemstone processes for that site XXX are run with siteXXX. And everything needed for the app (gemstone files, confs, pids, logs, locks, backups, app-custom-files, everything) is inside a particular directory that has 600/700 and ownership 'siteApp'. 

Of course 'siteApp' is not root and does not allow ssh (and sshd allows only certificate logins). 

4) The gemstone user I use is NOT DataCurator and instead I use a particular gemstone user with custom permissions and password. 

5) I change passwords of DataCurator and System and I rarely use them (only upon site creation)

6)I do not  share multiple users (sites) in the same stone.

7) Provide by some means some kind of brute force protection. I have it at my app login level, at nginx and at fail2ban. 

I have more stuff but I think I am going of topic.

Anyway...what I would really like is a way to obfuscate a repository (I don't want my client to have access to my app code) in the case I must deploy my app in client's server. Is this possible? 

Cheers,