Level 56
You should get the config values from your .env file with getenv('DB_PASS') etc... Then you can define those env variables with heroku (I don't know how I don't use it). So no need to put the .env file in the version control.
1 like
Dec 2, 2014
2
Level 1
Advice - Where do I place sensitive information on a Heroku hosted app?
I am trying to learn how to deploy a Laravel application with Heroku but I am having a difficult time figuring out where is the most appropriate and safe place to put app related sensitive information like database username/password and such. I read through Laravel's documentation and it is recommended to put such information on a .env.php file on the application's root directory and not include it in version control(git in my case) but Heroku is git based so where ever I put this sensitive info, it will always be in version control. So my question is, to anyone who is/has using/used Heroku with Laravel or anyone who has any advice, is putting the info on where it should be like for example database info on the config database file or use .env.php and commit it along while it is not recommended? Thanks in advance guys!
Level 1
That makes a lot of sense, thank you for your help!
Please or to participate in this conversation.