Welcome Guest, Not a member yet? Register   Sign In
CodeIgniter Forums Using CodeIgniter Best Practices Where to save sensitive data?
Where to save sensitive data?
  • Offline includebeer
    CodeIgniter Team
  • Posts: 1,018
    Threads: 18
    Joined: Oct 2014
    Reputation: 40
#2
12-20-2020, 08:50 AM

For the database I use .env. The main reason is because I don't save this file in my repository. Each environment have their own file (development, production).

If you don't need this information all the time, like for an api key, I'd say use a config file and load it only when needed. Also, make sure the file permissions on the server are correct and not visible to other users. Something like 0600 to be read/write only by the owner. If you're a team working on the same project, not all developers need to know all the passwords. Especially on the production server.

In any case, never save passwords or api keys in git or svn.
CodeIgniter 4 tutorials (EN/FR) - https://includebeer.com
/*** NO support in private message - Use the forum! ***/
Reply


Messages In This Thread
Where to save sensitive data? - by manager - 12-20-2020, 02:04 AM
RE: Where to save sensitive data? - by includebeer - 12-20-2020, 08:50 AM
RE: Where to save sensitive data? - by manager - 12-21-2020, 10:40 PM



Theme © iAndrew 2016 - Forum software by © MyBB