Comments (3)
vlucas
commented on May 2, 2024
Typically, your .env file will be below your web root, so it will never be web-accessible. If it is web accessible, you will have to take extra steps to ensure it is protected with .htaccess of nginx configs, etc.
from phpdotenv.
vlucas
commented on May 2, 2024
Also - In the ideal setup, your .env file itself will never be deployed with your project - the idea is that on the production servers, your environment variables will be already loaded and ready to go through some other config method. So really, dotenv itself and the file parsing step should really only ever be done during development.
from phpdotenv.
DanielFallon
commented on May 2, 2024
@vlucas could you go ahead and make this a bit more explicit?
It was obvious for me that this was true, but I just took over a project where a .env file was being used in production and was publicly exposed on the interwebz
Thanks, and looks like a great project!
DJF
from phpdotenv.
Related Issues (20)
- Variables substitution and multiple .env files HOT 1
- Unable to read the "/tmp/build_2f06b5cf/.env" environment file HOT 1
- auto_detect_line_endings is deprecated (PHP 8.1 + dotenv v2.6.9) HOT 1
- PHP version 7.1 is not supported now HOT 2
- Equals Symbol in last line of multiline variable causes issues. HOT 3
- Save to .env HOT 1
- How to loads many env file, but the extension is .txt HOT 1
- Fatal error: Uncaught Error: Class "Dotenv\Dotenv" not found in HOT 1
- Performance degradation HOT 3
- Question - are there any 'builtin' variables? HOT 3
- Add reader with support for secret files
- loading a .env file from outside the webspace seem to not work
- php 8.2 function getenv() not set HOT 1
- Please dont use $_SERVER HOT 1
- Load AWS system environments HOT 4
- symfony/dotenv Correlation HOT 1
- PHP version 7.4 HOT 1
- How does this help with php_value in .htaccess?
- Is there anyway to use sections created in the .env file? HOT 4
- Fatal error: Uncaught Error: Class "Dotenv\Dotenv" not found in HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from phpdotenv.