PHPackages uziiuzair/secure-env-php - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. uziiuzair/secure-env-php ActiveLibrary[Security](/categories/security) uziiuzair/secure-env-php ======================== Encrypt environment files for production use. v2.1.0(4y ago)0147MITPHPPHP >=7.1 Since Dec 17Pushed 4y agoCompare [ Source](https://github.com/uziiuzair/secure-env-php)[ Packagist](https://packagist.org/packages/uziiuzair/secure-env-php)[ RSS](/packages/uziiuzair-secure-env-php/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (1)Versions (12)Used By (0) Secure Env PHP ============== [](#secure-env-php) Env encryption and decryption library. Prevent committing and exposing vulnerable plain-text environment variables in production environments. You can view a more in-depth tutorial on [Medium](https://medium.com/@johnathanmiller/securing-php-environment-variables-for-production-use-f867e584a1f9). Installation ------------ [](#installation) Install secure-env-php using Composer ``` composer require uziiuzair/secure-env-php ``` .env ---- [](#env) Create an `.env` file in your project with environment variables. ``` DB_HOST=localhost DB_USER=username DB_PASS=password ``` Encrypting ---------- [](#encrypting) Execute `vendor/bin/encrypt-env` in your project directory and follow the command prompts to encrypt your `.env` file. You can press enter to accept the default values in the square brackets. [![Encryption Prompts](https://camo.githubusercontent.com/42b4e20a9ffad7e6c31fb30b30052eb0e1caa486520cc51b5cf40869524c1ed3/68747470733a2f2f63646e2d696d616765732d312e6d656469756d2e636f6d2f6d61782f313630302f312a50436a466f68796638414d6f4c5f6c484f61697034412e706e67)](https://camo.githubusercontent.com/42b4e20a9ffad7e6c31fb30b30052eb0e1caa486520cc51b5cf40869524c1ed3/68747470733a2f2f63646e2d696d616765732d312e6d656469756d2e636f6d2f6d61782f313630302f312a50436a466f68796638414d6f4c5f6c484f61697034412e706e67) Encryption Prompts ------------------ [](#encryption-prompts) 1. Path to your .env file you want to encrypt. 2. Input "y" or "yes" to generate a new secret key file. Otherwise input path to secret key file when prompted. 3. Your choice of encryption algorith or accept the default provided. For a list of supported algorithms visit: . 4. Path to save the encrypted environment file. After you've successfully completed the prompts you should now have an encrypted environment file. Import and Instantiate ---------------------- [](#import-and-instantiate) Import into namespace environment ``` use SecureEnvPHP\SecureEnvPHP; ``` Instantiate class with your decryption arguments. First argument is path to your encrypted env file, second argument is path to your secret key file, and optionally a third argument can be set for your choice of encryption algorithm, *(this needs to match the algorithm you used to encrypt your env file)*. ``` (new SecureEnvPHP())->parse('.env.enc', '.env.key'); ``` Decryption Options ------------------ [](#decryption-options) parameterdescriptiondefault1. pathPath to encrypted file`.env.enc`2. secretPath to key file *or* secret string3. algoEncryption algorithm`aes256`Retrieving Env Values --------------------- [](#retrieving-env-values) After instantiating the SecureEnvPHP class you can retrieve your values in your project by calling `getenv` with your variable names, such as `getenv('DB_HOST')`. Full Example ------------ [](#full-example) ```