3 min read

How to Encrypt & Decrypt Your env File in Laravel

The .env file is an important file in any Laravel application that contains sensitive information like database credentials and API keys. Encrypting the file helps keep this information secure and protected from unauthorized access. The tutorial covers how to encrypt and decrypt the .env file using the artisan command-line tool in Laravel, and provides an example to help understand the process. The tutorial also emphasizes the importance of keeping the encryption key secure.

Laravel is a popular PHP framework widely used for building web applications. We could all agree that one of the most important files in any Laravel application is the .env file, which contains sensitive information like database credentials, API keys, and other secrets. It is essential to keep this file secure and protected from unauthorized access. One way to do this is by encrypting and decrypting the .env file. In this blog post, we will discuss how to encrypt and decrypt the .env file in Laravel with an example.

Encrypting the .env file

To encrypt the .env file, we need to use the artisan command-line tool that comes with Laravel. We will be using the following command to encrypt the .env file:

php artisan env:encrypt

This command will encrypt the contents of the .env file and save them in an encrypted format in the same file.

INFO  Environment successfully encrypted.  

Key                     base64:mw8A4bOwwLLYETvVQm4Ow9cm7KLhE+gGSu5RBHjGnEI=  
Cipher                  AES-256-CBC  
Encrypted file          .env.encrypted

It is important to note that the encryption key used by Laravel to encrypt the values is stored in the config/app.php file. So, make sure to keep this file secure.

Decrypting the .env file

To decrypt the .env file, we need to use the following command, where the value of the key will be the key from the code snippet above:

php artisan env:decrypt --key=base64:mw8A4bOwwLLYETvVQm4Ow9cm7KLhE+gGSu5RBHjGnEI=

This command will decrypt the contents of the .env file and save them back to the same file. Once you open the .env file again, you will see that the file will contain plain text values again.

Example

Let’s take an example to understand how to encrypt and decrypt the .env file in Laravel. Assume that we have the following values in our .env file:

DB_CONNECTION=mysql
DB_HOST=127.0.0.1
DB_PORT=3306
DB_DATABASE=mydatabase
DB_USERNAME=myusername
DB_PASSWORD=mypassword

To encrypt these values, we will run the following command:

php artisan env:encrypt

After running the command, the .env file will look something like this:

eyJpdiI6IlVhNkM4djN2Q2wyUUx4M1g4aGdOeEE9PSIsInZhbHVlIjoiZ2owRmJqdXZmRm5lR1l0d0JZTEFwbW5jYzJxb1pZR3VxM3JWb2VpcjJGdz0iLCJtYWMiOiI1YTNmZWYzYmYyMjIzNDIzZjUyZTQwOGU0N2U1Mzg2MjUzNjU1MmU0NjUyNmZhYzIwMzBlMjZiOWY1YjUyMjcwIn0=

To decrypt these values, we will run the following command:

php artisan env:decrypt --key=base64:mw8A4bOwwLLYETvVQm4Ow9cm7KLhE+gGSu5RBHjGnEI=

After running the command, the .env file will contain plain text values again.

It is recommended to encrypt your .env file when it contains sensitive information like database credentials, API keys, and other secrets. Encrypting the file helps to keep this information secure and protected from unauthorized access.

Conclusion

In this blog post, we discussed how to encrypt and decrypt the .env file in Laravel. It is important to keep the sensitive information in the .env file secure and protected from unauthorized access. Encrypting and decrypting the .env file is one of the ways to achieve this. We hope that you found this blog post informative and helpful. If you have any questions or suggestions, please feel free to leave a comment below.

I hope this article showed you can easily encrypt an decrypt yout .env file. If you enjoyed reading this post and would like me to write an article on a specific topic, please send an email to info@codewithdary.com.