dachcom-digital / secure-storage
Pimcore Security Storage Bundle
Installs: 401
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 1
Forks: 0
Open Issues: 1
Type:pimcore-bundle
Requires
- ext-openssl: *
- pimcore/pimcore: ^11.3
Requires (Dev)
- codeception/codeception: ^5.0
- codeception/module-symfony: ^3.1
- codeception/module-webdriver: ^4.0
- phpstan/phpstan: ^1.0
- phpstan/phpstan-symfony: ^1.0
- symplify/easy-coding-standard: ~12.0.0
This package is auto-updated.
Last update: 2024-10-16 07:10:28 UTC
README
Release Plan
Installation
"require" : { "dachcom-digital/secure-storage" : "~1.0.0", }
Add Bundle to bundles.php
:
return [ SecureStorageBundle\SecureStorageBundle::class => ['all' => true], ];
Description
Encrypt/Decrypt assets on the fly!
Required PHP Extensions
- openssl
Usage
Caution
This is a very, very dangerous bundle which can lead to heavy data loss, if you're not careful! Please read the instructions carefully!
Safety Instructions
- Do not define paths with existing assets. Create a new folder or delete all assets first. Those assets can't be opened after defined (since they're not encrypted)
- You'll never be able to remove those paths from configuration. If you have to, you need to download the assets from backend first
- Do not change the key, after you pushed this to production. Encrypted assets will be end up corrupt
Limitations
- The secure adapter only supports the
LocalFilesystemAdapter
. This is fine, since other adapters like aws or cloudflare usually already support encryption by default - Thumbnails can't be generated, since pimcore uses the
getLocaleFileFromStream
method inTemporaryFileHelperTrait
. This is something we might can fix in the near future
Configuration
File Encryption
secure_storage: encrypter: options: cipher: 'aes-128-cbc' # default key: 'your-12-bit-key' # create your key with base64_encode(openssl_random_pseudo_bytes(16)); secured_fly_system_storages: # form builder (if you want to encrypt form builder data) - storage: form_builder.chunk.storage - storage: form_builder.files.storage # pimcore - storage: pimcore.asset.storage paths: - /secure-storage - /formdata
Custom Encrypter
TBD
Asset Protection
secure_storage: pimcore_asset_protection: # protects: # - public/var/assets [pimcore.asset.storage] # - public/tmp/asset-cache [pimcore.asset_cache.storage] # - public/tmp/thumbnails [pimcore.thumbnail.storage] htaccess_protection_public_directories: paths: - /secure-storage omit_backend_search_indexing: paths: - /secure-storage
Copyright and license
Copyright: DACHCOM.DIGITAL
For licensing details please visit LICENSE.md
Upgrade Info
Before updating, please check our upgrade notes!