dachcom-digital/secure-storage
not-reviewed
No Category
Detailsdachcom-digital/secure-storage
No Category
Project Summary
Pimcore Security Storage Bundle
Readme
Pimcore Secure Storage Bundle
Release Plan
Release | Supported Pimcore Versions | Supported Symfony Versions | Release Date | Maintained | Branch |
---|---|---|---|---|---|
1.x | ^11.3 |
^6.4 |
-- | Feature Branch | master |
Installation
"require" : {
"dachcom-digital/secure-storage" : "~1.0.0",
}
Add Bundle to bundles.php
:
return [
SecureStorageBundle\SecureStorageBundle::class => ['all' => true],
];
Description
Encrypt/Decrypt assets on the fly!
Required PHP Extensions
- openssl
Usage
[!CAUTION]
This is a very, very dangerous bundle which can lead to heavy data loss, if you're not careful! Please read the instructions carefully!
Safety Instructions
- Do not define paths with existing assets. Create a new folder or delete all assets first. Those assets can't be opened after defined (since they're not encrypted)
- You'll never be able to remove those paths from configuration. If you have to, you need to download the assets from backend first
- Do not change the key, after you pushed this to production. Encrypted assets will be end up corrupt
Limitations
- The secure adapter only supports the
LocalFilesystemAdapter
. This is fine, since other adapters like aws or cloudflare usually already support encryption by default - Thumbnails can't be generated, since pimcore uses the
getLocaleFileFromStream
method inTemporaryFileHelperTrait
. This is something we might can fix in the near future
Configuration
File Encryption
secure_storage:
encrypter:
options:
cipher: 'aes-128-cbc' # default
key: 'your-12-bit-key' # create your key with base64_encode(openssl_random_pseudo_bytes(16));
secured_fly_system_storages:
# form builder (if you want to encrypt form builder data)
- storage: form_builder.chunk.storage
- storage: form_builder.files.storage
# pimcore
-
storage: pimcore.asset.storage
paths:
- /secure-storage
- /formdata
Custom Encrypter
TBD
Asset Protection
secure_storage:
pimcore_asset_protection:
# protects:
# - public/var/assets [pimcore.asset.storage]
# - public/tmp/asset-cache [pimcore.asset_cache.storage]
# - public/tmp/thumbnails [pimcore.thumbnail.storage]
htaccess_protection_public_directories:
paths:
- /secure-storage
omit_backend_search_indexing:
paths:
- /secure-storage
Copyright and license
Copyright: DACHCOM.DIGITAL
For licensing details please visit LICENSE.md
Upgrade Info
Before updating, please check our upgrade notes!