Protection for your laravel backups
Backup Shield simply listens for when the .zip-file generated by Laravel-backup is done, grabs it and applies your password and encryption of your liking.
composer require olssonm/laravel-backup-shield
laravel/framework: "^5.8" and above (including Laravel 6 & 7.) Requires
Please note that
spatie/laravel-backup: "^6" and
laravel/framework: "^6.0|^7.0" requires PHP 7.2.
Publish your configuration using
php artisan vendor:publish and select
BackupShieldServiceProvider. Or directly via
php artisan vendor:publish --provider="Olssonm\BackupShield\BackupShieldServiceProvider".
You only have the ability to set two different options; password and encryption.
// Default configuration; backup-shield.php return [ 'password' => env('APP_KEY'), 'encryption' => \Olssonm\BackupShield\Encryption::ENCRYPTION_DEFAULT ];
Your password (duh). The default is the application key (
APP_KEY in your .env-file). You might want to set something more appropriate. Remember to use long strings and to keep your password safe – without it you will never be able to open your backup.
NULL if you want to keep your backup without a password.
Set your type of encryption. Available options are:
\Olssonm\BackupShield\Encryption::ENCRYPTION_DEFAULT (PHP < 7.2: PKWARE/ZipCrypto, PHP >= 7.2: AES 128)
\Olssonm\BackupShield\Encryption::ENCRYPTION_WINZIP_AES_128 (AES 128)
\Olssonm\BackupShield\Encryption::ENCRYPTION_WINZIP_AES_192 (AES 192)
\Olssonm\BackupShield\Encryption::ENCRYPTION_WINZIP_AES_256 (AES 256)
Important information regarding encryption
ENCRYPTION_DEFAULT (PKWARE/ZipCrypto) crypto gives you the best portability as most operating systems can natively unzip the file – however, ZipCrypto might be weak. The Winzip AES-methods on the other hand might require a separate app and/or licence to be able to unzip depending on your OS; suggestions for macOS are Keka and Stuffit Expander.
Also to note is that when zipping very large files ZipCrypto might be very inefficient as the entire data-set will have to be loaded into memory to perform the encryption, if the zipped file's content is bigger than your available RAM you will run out of memory.
Since PHP 7.2 (coupled with zip-extension >= 1.14.0) PHP can natively password-protect .zip-files via the ZipArchive-methods. If these conditions are met, ZipArchive is used. Else, the package will automatically use the nelexa/zip-package.
The former might be less memory-intensive.
$ composer test
The MIT License (MIT). Please see the LICENSE.md for more information.
© 2020 Marcus Olsson.