DEV Community

Discussion on: your Laravel app is not safe?

Collapse
joeczubiak profile image
Joe Czubiak

If you are using Forge or Envoyer for deployment, they both have a way to upload your environment variables.

Also, the .env file shouldn't be committed to your got repo or uploaded directly to your server.

I don't have any guides to recommend but I'm sure there are some out there.