Question

Setting up a Web App With Docker Containers - Security

I am currently looking at creating web apps with Laravel and Docker Compose as in the following tutorial:

https://www.digitalocean.com/community/tutorials/how-to-install-and-set-up-laravel-with-docker-compose-on-ubuntu-20-04

My question is:

Isn’t it a very large security risk to store login credentials on a server? The tutorial instructs to store your MySQL (or other database) username and password in your ~/example/.env file. Is there any way around this that is more secure?

Thank you for your help, -catbyte


Submit an answer
Answer a question...

This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Bobby Iliev
Site Moderator
Site Moderator badge
December 24, 2022

Hi there,

This is actually a standard practice and the recommended way for many frameworks, including Laravel. Here is the reference in their docs:

https://laravel.com/docs/9.x/configuration#environment-configuration

Though, you should never add your .env file to your Git project.

Best,

Bobby