Credentials in php file

-1

I want to put the credentials in a php file and I will use the following solution to deploy in production:

config.php in the local environment

$username = 'adm';
$senha = 'aaa';

  1. push to the repository
  2. pull from repository to production server
  3. script execution to replace adm and aaa with production database credentials

My point is:

Can this be hacked somehow and the credentials stolen?

  • 1

    If you create it as private you at least have some security; if it is public then everyone sees it! Usually no sensitive data is placed there, and in this case a password is sensitive data!

1 answer

-2

The config.php must be declared in the .gitignore file, because this way this sensitive information will not be exposed in the repository when you run the push command. I suggest you create a file config.php.sample; when cloning the repository on the production machine, you will have to create a copy of config.php.sample, name it config.php and put the right credentials in it.

config.php.sample file

$username = 'xxx';
$senha = 'xxx';

File .gitignore

/pasta_qualquer
arquivo_qualquer
config.php

  • It has to stay out of .gitignore because it is needed by the framework. The values adm and aaa are local database credentials and are not sensitive: they can go to the repository and will be replaced with the production credentials as explained in the question.

  • But even in .gitignore the framework will be able to make use of the file; the issue is that when you clone the repository on the production server you will have to create the file and enter the credentials of the production database.

  • That is one possible solution too, because it is enough to never push from the production server, which no longer happens, so the production server's config.php will always be intact.

  • 1

    That's why the production server will only pull to update, and your file in .gitignore will not be changed.
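
A check for the approach discussed in the answer and its comments, added here as an example and not code from the thread: an entry in .gitignore only affects untracked files, so a config.php that was committed earlier stays tracked and stays readable in history. The function name `audit_config` and its messages are assumptions; the git subcommands are standard.

```shell
#!/bin/sh
# Added example: audit a checkout before relying on .gitignore to protect
# config.php. Assumes config.php sits at the repository root, as in the answer.

# audit_config REPO_DIR [FILE]
# Prints one finding per line; returns non-zero if any check fails.
audit_config() {
    repo=$1
    file=${2:-config.php}
    rc=0

    # 1. The path must match an ignore rule. --no-index makes the test
    #    independent of whether the file is currently tracked.
    if ! git -C "$repo" check-ignore -q --no-index -- "$file"; then
        echo "FAIL: $file is not matched by any .gitignore rule"
        rc=1
    fi

    # 2. Ignoring a path does not untrack it: a file that was added before
    #    the rule existed is still committed and pushed.
    if git -C "$repo" ls-files --error-unmatch -- "$file" >/dev/null 2>&1; then
        echo "FAIL: $file is tracked; untrack it with: git rm --cached $file"
        rc=1
    fi

    # 3. Every commit that touched the file still carries its contents,
    #    so credentials committed once must be treated as exposed.
    if [ -n "$(git -C "$repo" log --all --oneline -- "$file" 2>/dev/null)" ]; then
        echo "FAIL: $file appears in history; rotate any credentials it held"
        rc=1
    fi

    return $rc
}

# Run directly as: sh audit_config.sh /path/to/checkout
if [ "$#" -gt 0 ]; then
    audit_config "$@"
fi
```

On the production server the same function can run after each pull, before the application is restarted.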
