Security tips
Reviewedbyfl
Markdown ↓🛡️
Stay safe online.
Security tips to protect your fortrabbit account, SSH keys, and application code from unauthorized access.
Dashboard and passwords security
Protect your fortrabbit account by using a strong password and regularly reviewing which SSH keys and team members have access.
- The password to log in with the fortrabbit dashboard must be secure.
- Use a password manager or a long pass-phrase.
- Don't share your account password, use our collaboration features instead.
- Rotate internal passwords via the dashboard:
- Object storage
- When team members leave
- Go over the list of imported SSH public keys periodically and keep only those being used. See SSH key setup for more details.
PHP code security
Follow established security practices to prevent common vulnerabilities in your application code and protect user data.
- Make sure to follow common security guidelines — see PHP the right way.
- Mind the OWASP Cheat Sheets to negate attacks before they can start.
- Best practice is to store secrets like database passwords not with code but with App Secrets or environment variables.
- Don't store sensitive information in plain text in the database, use ciphertext.
- Make sure you keep your software up-to-date.