Securing SMTP credentials

Posted August 17, 2021 166 views
PHPSecurityDigitalOcean App PlatformPaaS

Hi, I’m using Google’s SMTP server to act as the integration for my contact form (PHP). The site is being hosted in your App Platform, I don’t really want to have to use Droplet. I’ve had it working locally, but before I’m ready to use it on the App Platform I need to figure out how to correctly store the SMTP Password.

I don’t want to commit it to code for obvious reasons, but I’m struggling to find out how I can use it. I’m looking at environment variables which are encrypted, but I can’t seem to find any documentation for decrypting it so I can actually use the password for authentication.
I don’t really want to have to go down the route of MySQL to store my SMTP credentials, but if I have to then fine.

Any help / advice would be greatly appreciated.

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
1 answer

👋 @brownjohno1993

Great question! App Platform will automatically decrypt and inject the plaintext into the the environment variable for the component (or entire app if using global vars). You don’t need to do the decrypting, we do that for you!

Thanks for bringing this up, our documentation is a bit lacking here! We’ll get that fixed up!

Hope this helps :)