Secure Your Laravel Application: Encrypt and Decrypt Source Code
HomeLaravel / Secure Your Laravel Application: Encrypt and Decrypt Source Code
Laravel PHP

Secure Your Laravel Application: Encrypt and Decrypt Source Code

BlogAdmin
Share this post on:

In today’s digital era, securing your application code is crucial. Encrypting your source code adds an additional layer of security, making it difficult for unauthorized users to understand or tamper with it.

In this blog post, we’ll walk through the process of encrypting and decrypting source code files in a Laravel application using custom Artisan commands.

Why Encrypt Source Code?

Encrypting your source code can help protect it from unauthorized access and potential threats. It ensures that even if someone gains access to your server or repository, they won’t be able to read the code without decrypting it first.

Prerequisites

  • Before we get started, ensure you have the following:
    • A Laravel application set up.
    • Basic knowledge of Laravel Artisan commands.
    • Composer installed on your system.

How to Implement Laravel Source Encrypter

Implementing Laravel Source Encrypter involves a few straightforward steps. Here’s a guide to get you started:

Step 1: Create Custom Artisan Commands

We’ll create two Artisan commands: one for encryption and another for decryption.

1.1 Create the Encryption Command

First, let’s create the encryption command.

php artisan make:command EncryptSourceCode

Open the generated file app/Console/Commands/EncryptSourceCode.php and update it with the following code:

<?php

namespace App\Console\Commands;

use Illuminate\Console\Command;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Filesystem\Filesystem;

class EncryptSourceCode extends Command
{
  protected $signature = 'source:encrypt {path}';
  protected $description = 'Encrypt source code files';
  protected $filesystem;

public function __construct(Filesystem $filesystem)
{
  parent::__construct();
  $this->filesystem = $filesystem;
}

public function handle()
{
  $path = $this->argument('path');
  if (!$this->filesystem->exists($path)) {
  $this->error('Path does not exist.');
  return 1;
}

$files = $this->filesystem->allFiles($path);
  foreach ($files as $file) {
   if ($file->getExtension() == 'php') {
    $this->encryptFile($file);
  }
}
 $this->info('Source code encrypted successfully.');
 return 0;
}

protected function encryptFile($file)
{
  $contents = $this->filesystem->get($file);
  $encrypted = Crypt::encryptString($contents);
  $encryptedContent = '<?php' . PHP_EOL . PHP_EOL . '// Encrypted' . PHP_EOL . PHP_EOL . base64_encode($encrypted);
  $this->filesystem->put($file, $encryptedContent);
  }
}

1.2 Create the Decryption Command

Next, create the decryption command.

php artisan make:command DecryptSourceCode

Open the generated file app/Console/Commands/DecryptSourceCode.php and update it with the following code:

<?php

namespace App\Console\Commands;

use Illuminate\Console\Command;
use Illuminate\Support\Facades\Crypt;
use Illuminate\Filesystem\Filesystem;

class DecryptSourceCode extends Command
{
  protected $signature = 'source:decrypt {path}';
  protected $description = 'Decrypt source code files';
  protected $filesystem;

public function __construct(Filesystem $filesystem)
{
  parent::__construct();
  $this->filesystem = $filesystem;
}

public function handle()
{
  $path = $this->argument('path');
  if (!$this->filesystem->exists($path)) { 
  $this->error('Path does not exist.');
  return 1; 
}

  $files = $this->filesystem->allFiles($path);
  foreach ($files as $file) {
  if ($file->getExtension() == 'php') {
  $this->decryptFile($file);
  }
}

  $this->info('Source code decrypted successfully.');
  return 0;
}

protected function decryptFile($file)
{
  $contents = $this->filesystem->get($file);
  $encryptedContent = str_replace('<?php' . PHP_EOL . PHP_EOL . '// Encrypted' . PHP_EOL . PHP_EOL, '', $contents);
  $encryptedContent = base64_decode($encryptedContent);
  $decrypted = Crypt::decryptString($encryptedContent);
  $this->filesystem->put($file, $decrypted);
  }
}

Step 2: Encrypt Your Source Code

To encrypt your source code, run the following Artisan command:

php artisan source:encrypt /path/to/your/laravel/app

This command will encrypt all PHP files in the specified directory and its subdirectories.

Example: php artisan source:encrypt resources

Step 3: Decrypt Your Source Code

To decrypt your source code, run the following Artisan command:

php artisan source:decrypt /path/to/your/laravel/app

This command will decrypt all previously encrypted PHP files in the specified directory.

Example: php artisan source:decrypt resources

Important Considerations

  • Security: Ensure only authorized personnel have access to the encryption and decryption commands.
  • Backup: Always create a backup of your source code before running encryption or decryption commands to avoid data loss.
  • Environment: The encryption and decryption processes rely on the same encryption key (APP_KEY in the .env file).

Conclusion

Encrypting and decrypting your source code adds an extra layer of security to your Laravel application. By following the steps outlined in this blog post, you can easily protect your source code from unauthorized access. Remember to handle your encryption keys securely and ensure that only trusted individuals have access to the decryption process.

By implementing these custom Artisan commands, you can enhance the security of your Laravel application and safeguard your valuable source code. Happy coding!

BlogAdmin

Digital Transformation Counsultant (Public Sector)

25+ years experience
UK public sector & enterprise specialist
Board-level commercial leadership
Technology & consultancy expertise

Core Technologies

Business Development 95%
Digital Transformation 92%
Public Sector Solutions 90%
Cloud & AWS Partnerships 85%
  • Public Sector: Government & enterprise solution engagement
  • Commercial: Consultative business development, stakeholder management
  • Technology: Digital services, cloud-led transformation solutions
  • Leadership: Board-level advisory, operational efficiency & innovation
  • Backend: Business transformation strategy, programme delivery, solution consulting
  • Public Sector
  • Enterprise Technology
  • Consulting & Advisory
  • Programme Delivery
  • Cloud & Digital Services
  • Solving complex business challanges through technology-led innovaion
  • Combining consultancy, and delivery expertise
  • Building long-term partnershipis across enterprise & government sectors
  • Driving transformation with practical, outcome-focused solutions
  • Aligning technology investments with operational and commercial goals

BlogAdmin is an experienced digital transformation leader (public sector) with a strong track record of helping organizations solve complex operational and technology challanges through innovative commercial and technical solutions.

With extensive experience spanning consultancy, programme delivery, cloud partnerships, and strategic business dvelopment, he has worked across multiple sectors including public sector, enterprise technology, and digital services.

He brings a rare combinatioin of board-level commercial leadership and hands-on delivery understanding, enabling him to bridge the gap between business objectives and technology execution.

BlogAdmin is paricularly experienced in consultative selling, AWS partnership ecosystems, public sector engagement, and designing commercially viable transformation strategies that combine technology, services and operational efficiency.

Known for his ability to thinik differently around business challanges, he focuses on creating scalable, innovative solutions that help organizations modernize operations, improve service delivery, and accelarate digital transformation initiatives.

    Reach Out Us

    Your name

    Your email

    Subject

    Your message