Security

Using private Composer packages in your application

When your application uses private Composer packages from repositories like Private Packagist, GitHub, GitLab, or Bitbucket, you need to configure authentication during the build process. Environment secrets are only available during the build process, not at application runtime, which means authentication tokens like COMPOSER_AUTH work for installing packages during the build but won't be present when your application runs.

Security Best Practices

Essential security practices for applications deployed on Ploi Cloud.