Level 80
@mhdameri What exactly are you asking about? The transfer of data? Or data being encrypted at rest in your database?
1 like
Jun 4, 2024
7
Level 4
Is there any built-in encryption in laravel to encrypt data to database server
I have a laravel project. I want to deploy my database in a remote server. does laravel have any builtin encryption of transmitted data from server where laravel is served and database server?
Level 4
@martinbean I run my application locally in my office but since other people from other workplaces wants to use the application I want to deploy the database to a service provider I want to know if a user query the database will it be encrypted or not?
Level 122
@mhdameri no, it will not be encrypted unless you code it to.
Level 50
@mhdameri It sounds like you want to encrypt the data in transit, but it's still unclear to me what exactly you're planning on doing and what you're worried about. If you upload a database to a remote server that you own or rent, no one else has access to it unless you expose it to the internet.
If a web app is used to query the database and both are deployed on the same server, the database doesn't need to be exposed to the internet at all. The app can connect to it locally. Once you acquire and configure a TLS certificate for the website, all traffic between users and the website will be encrypted.
If you're thinking of exposing the database directly to the internet so other clients can connect to it, that's a different story. You probably don't want to do it. But if you do, you can configure and enforce TLS for the connections. You should also use a firewall to restrict access to authorized hosts only.
Level 75
Also Did you look at the chapter on encryption.
1 like
If you use https/ssl protocol for the DB connection, the data get encrypted by default... I saw this on stackoverflow which should be enough, and requires a not mentioned installed ssl key on server (private key) and client (public key) side:
https://stackoverflow.com/questions/53061182/mysql-connection-over-ssl-with-laravel
I copy the solution: db.conf:
'mysql' => [
'driver' => 'mysql',
'host' => env('DB_HOST', '127.0.0.1'),
'port' => env('DB_PORT', '3306'),
'database' => env('DB_DATABASE', 'forge'),
'username' => env('DB_USERNAME', 'forge'),
'password' => env('DB_PASSWORD', ''),
'unix_socket' => env('DB_SOCKET', ''),
'charset' => 'utf8mb4',
'collation' => 'utf8mb4_unicode_ci',
'prefix' => '',
'strict' => true,
'engine' => null,
'sslmode' => 'require',
'options' => array(
PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT => false,
PDO::MYSQL_ATTR_SSL_KEY => '/certs/client-key.pem',
PDO::MYSQL_ATTR_SSL_CERT => '/certs/client-cert.pem',
PDO::MYSQL_ATTR_SSL_CA => '/certs/ca.pem',
),
],
.env
DB_CONNECTION=mysql
DB_HOST=xxx.xxx.xxx.xxx
DB_PORT=3306
DB_DATABASE=db_name
DB_USERNAME=db_user
DB_PASSWORD=xxxx
and don't forget to:
php artisan config:clear
php artisan config:cache
php artisan cache:clear
1 like
Level 122
@PatrickCaneloDigital The transport of the data is encrypted, not the data at rest.
I appreciate that the OP is unclear what they are actually asking about
Please or to participate in this conversation.