I think the best way is to code the EXE in any other language that receives the HWID from the server, and then have your PHP script exec () EXE, if the result from the EXE matches, then you run the script ... If not, you will see a message about the error.
You might want to use blenc_encrypt () in PHP, at least so that you can prevent users from logging in and change "if (systemhwid == validhwid)" to "if (1 == 1)"
The best option for encryption is to use IonCube (I think this is Ioncube, which encrypts PHP files), but unfortunately it costs a lot of money.
PHP.net search for blenc_encrypt () function
For those who avoid questions by saying things like “the web server is not designed for this” or “you don’t need to check the HWID on the servers”, JUST ANSWER QUESTION! Not just saying that this is impossible, because my answer proves that it is possible ... You just need to think outside the box and you need to think a little. Also, don't question the user's intentions, they just want a direct answer, no BS.