Never embed sensitive credentials, passwords, API keys, or other secrets directly in source code. Hardcoded credentials create security vulnerabilities by exposing sensitive data in version control systems and making it accessible to anyone with code access.
Never embed sensitive credentials, passwords, API keys, or other secrets directly in source code. Hardcoded credentials create security vulnerabilities by exposing sensitive data in version control systems and making it accessible to anyone with code access.
Instead, use secure alternatives:
Example of what to avoid:
cache_params:
type: "redis"
host: "redis-18438.c277.us-east-1-3.ec2.redns.redis-cloud.com"
port: 18438
password: "hB44ThYlB4W4m7wpCUwrSzteHqvDKnDV" # โ Hardcoded password
Better approach:
cache_params:
type: "redis"
host: "redis-18438.c277.us-east-1-3.ec2.redns.redis-cloud.com"
port: 18438
password: ${REDIS_PASSWORD} # โ
Environment variable
This practice protects against credential leaks and ensures sensitive data remains secure across different deployment environments.
Enter the URL of a public GitHub repository