Home > Back-end >  How do I use separate recaptcha keys for development and production
How do I use separate recaptcha keys for development and production

Time:08-27

It says in the docs they recommend to use separate keys for development and production I have my site keys stored in .env

CodePudding user response:

I have my site keys stored in .env

dotenv is only supposed to be used for development. It's a convenience for developers to be able to set environment variables. However, because it is a file on disk it loses the security advantages and configuration convenience of environment variables. It should not be checked into version control, and it should not be deployed to production.

For production, put your secrets in environment variables. Most cloud production environments include convenient interfaces to set environment variables for your deployments.

Alternatively, put your secrets in Rails encrypted credentials.

CodePudding user response:

Just use different .env file on your server

Or create .env.production file. If you use dotenv gem, it has higher priority

https://github.com/bkeepers/dotenv#what-other-env-files-can-i-use

Of course both files must be git ignored

Or use rails credentials. In new rails (probably since 6.0) you can use different credentials in different environments

  • Related