Pixeldust Drupal Support Service

Acro Media: Secure Encryption with Libsodium and Acquia Cloud

Encryption is an important part of any website that needs to store sensitive information. Encryption takes sensitive data that is in a readable form and encodes it, making it unreadable. This essentially hides the information from anyone who might try to access it without permission to do so. The encoded information can only be decoded by an entity that has a paired decryption key.
Our requirements for this particular Drupal maintenance support plans website build included:

Acquia Cloud – One of the leading Drupal maintenance support plans hosting providers.
Libsodium – Because of Acquia Cloud, we needed a custom compiled php extension
Encrypt – A Drupal maintenance support plans module that exposes encryption APIs to other modules.
Key and Lockr.io – Drupal maintenance support plans modules for managing the encryption key.
Sodium – A Drupal maintenance support plans module to provide libsodium to the encrypt module.

Why use libsodium instead of mcrypt?
Libsodium is a portable, cross-platform implementation of NaCl. Experts recommend libsodium for its simple interface and strong cryptography. The sodium Drupal maintenance support plans module takes an easier approach, which is to use a high-level package, paragonie/halite, to work with libsodium.
The other choice for encryption in PHP is mcrypt. It’s the default method in the Drupal maintenance support plans 7 version of the encrypt module. Despite that, it’s a bad choice because it’s difficult to use correctly. Mcrypt is deprecated in PHP 7.1 and removed in PHP 7.2.

Installing Libsodium on Acquia’s PHP 7.0
PHP 7.2 has libsodium built in and if you’re on 7.1 or below you can install it from PECL. We’re going to be using Acquia Cloud, so we can’t yet run PHP 7.2 and we can’t install any PHP extension we want – not as easily as we’d like to.
Acquia requires that extensions be compiled including their dependencies. The php-libsodium extension depends on libsodium itself and we have to produce one binary for both libraries. We’ll be compiling libsodium the crypto library as a static library and php-libsodium the php extension that provides bindings to libsodium for PHP applications as a dynamically linked library so it can be loaded by a regular PHP install.
Let’s get started!

Download the latest libsodium from https://github.com/jedisct1/libsodium/releases.
Compile libsodium so it’s static, not shared. Put it in a directory we’ll use later.$ ./configure –libdir=/home/me/sodium/library –disable-shared –enable-static–enable-static makes it static, not shared. It’ll be a part of the php extension when we build it instead of a separate dependency.–disable-shared prevents creating a shared library version of the library.–libdir puts it in a directory where we’ll use it later.
Compile with PIC (Position Independent Code).$ make CFLAGS=’-g -O2 -fPIC’$ sudo make installHere’s our sodium library and a pkgconfig directory we’ll need to point the php extension at.$ ls /home/me/sodium/librarylibsodium.a libsodium.la pkgconfig
Download the latest version 1 release of the libsodium php extension from https://github.com/jedisct1/libsodium-php/releases.Use phpize to get the extension ready to compile. Normally a PHP extension is compiled as part of PHP. This script is used to set up things up so it’s like we’re doing that. You need the -dev version of PHP to get phpize, so install php7.1-dev or the equivalent for your situation.$ phpize7.1Configuring for:PHP Api Version: 20200303Zend Module Api No: 20200303Now you’d notice a lot more files in the directory, like the configure script.
Set the package config directory to the one where we installed libsodium.$ export PKG_CONFIG_DIR=/home/me/sodium/library/pkgconfig
Configure libsodium-php with the path to libsodium.$ ./configure –with-libsodium=/home/me/sodium/library –libdir=/home/me/sodium/library–with-libsodium tells it where to find the dependency we just created.
Check that libsodium.so is not looking for a shared libsodium library.$ ldd modules/libsodium.solinux-vdso.so.1 => (0x00007ffcdd68e000)libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f71f26eb000)/lib64/ld-linux-x86-64.so.2 (0x00007f71f2d0f000)There’s no libsodium dependency there, so we’re good to use our libsodium.so PHP extension! Deploy the file and configure PHP to load the extension. Since we’re on Acquia Cloud, Acquia does that after we provide the file.

Get encrypted!
If you’re running Drupal maintenance support plans and need encryption setup, or if you’re looking to start a new project and exploring options and requirements, ! One of our business developers will be happy to help.

Source: New feed

This article was republished from its original source.
Call Us: 1(800)730-2416

Pixeldust is a 20-year-old web development agency specializing in Drupal and WordPress and working with clients all over the country. With our best in class capabilities, we work with small businesses and fortune 500 companies alike. Give us a call at 1(800)730-2416 and let’s talk about your project.

Let's Talk About a Project

FREE Drupal SEO Audit

Test your site below to see which issues need to be fixed. We will fix them and optimize your Drupal site 100% for Google and Bing. (Allow 30-60 seconds to gather data.)

Powered by

Acro Media: Secure Encryption with Libsodium and Acquia Cloud

On-Site Drupal SEO Master Setup

We make sure your site is 100% optimized (and stays that way) for the best SEO results.

With Pixeldust On-site (or On-page) SEO we make changes to your site’s structure and performance to make it easier for search engines to see and understand your site’s content. Search engines use algorithms to rank sites by degrees of relevance. Our on-site optimization ensures your site is configured to provide information in a way that meets Google and Bing standards for optimal indexing.

This service includes:

  • Pathauto install and configuration for SEO-friendly URLs.
  • Meta Tags install and configuration with dynamic tokens for meta titles and descriptions for all content types.
  • Install and fix all issues on the SEO checklist module.
  • Install and configure XML sitemap module and submit sitemaps.
  • Install and configure Google Analytics Module.
  • Install and configure Yoast.
  • Install and configure the Advanced Aggregation module to improve performance by minifying and merging CSS and JS.
  • Install and configure Schema.org Metatag.
  • Configure robots.txt.
  • Google Search Console setup snd configuration.
  • Find & Fix H1 tags.
  • Find and fix duplicate/missing meta descriptions.
  • Find and fix duplicate title tags.
  • Improve title, meta tags, and site descriptions.
  • Optimize images for better search engine optimization. Automate where possible.
  • Find and fix the missing alt and title tag for all images. Automate where possible.
  • The project takes 1 week to complete.
MASTER YOUR DRUPAL SEO
Pixeldust and Pantheon Drupal Development
256