Encrypt OpenSSL Encryption

This module provides an Encryption Method plugin to be used with the Drupal 8 Encrypt module. Accordingly, the plugin uses AES-256-CBC cipher via the OpenSSL PHP extension along with HMAC-SHA256 for authentication of the encrypted data.

For enhanced security, the encrypt()/decrypt() functions are taken directly from this excellent resource Encryption, Authentication & Data Integrity in PHP by Enrico Zimuel.



This module provides a simple two way encryption solution. There are no module dependencies. It uses openssl which is compiled into php (unless explicitly omitted) to encrypt/decrypt using AES-256-CTR.

You can use dependency injection or \Drupal::service('encryption') to get the encryption service. The following is a simple example on how the service can be used:


Security IP

The module is designed to obviate the need to propagate the block of an IP address that is "offensive" across the managed websites portfolio. Whether the websites are hosted at a web agency, or by a third party supplier, or the customer itself among an internal infrastructure.

The aim is to provide a first, but essential, level of protection for those occasions when there is no access to the server.

Node Authorization

Node Authorization allows users to add simple HTTP authorization to individual nodes. This is not a replacement for the user and content access system, just a lightweight alternative to create simple access restrictions on per-node basis. Note that HTTP authorization is not a totally secure system, particularly on non-HTTPS sites. If you require robust security to protect sensitive node content, please use Drupal's more established content access system.


Mobile Number


Mobile Number is a field type that provides mobile number validation and verification, and can be used for two factor authentication.

The module works with SMS Framework and TFA modules for providing verification and two factor authentication, which are both optional.



Subscribe with RSS Subscribe to RSS - Security