Support the ongoing development of Laravel.io →
Configuration Security Architecture

I have a paranoid client asking me if I can encrypt the data on the .env.php file, he is uncomfortable with a "plain text" password stored on that file.

I know I can use server's environment variables on apache or nginx, but the password are stored as plain text on .conf files, so I think my client would not like this approach either, for the same reason: "plain text".

Other way is encrypt the values on that file, but it means I will need a KEY to decrypt that information and need to store that key on a plain text php file or env variable, so it's the same problem.

¿Is there another way to store sensitive data encrypted or something like that?

Last updated 2 years ago.
0

Well, I found some tools to obfuscate or encode PHP code, if someone need something like that, here they are:

http://www.sourceguardian.com/

http://www.zend.com/en/products/guard

http://www.ioncube.com/

http://obfuscator.uk/

Last updated 10 years ago.
0

I wrote an artisan command to encrypt environment variables, available here: https://packagist.org/packages/baglerit/envariable

0

I personally use hhvm as an obsfucator. (+ HUGE performance gain)

you can check how to do here:

https://github.com/facebook/hhvm/wiki/Performance-Tuning#manual-way

Last updated 9 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.