{"id":1682,"date":"2021-04-06T02:56:11","date_gmt":"2021-04-06T02:56:11","guid":{"rendered":"https:\/\/meetanshi.com\/blog\/encrypt-and-decrypt-url-parameter-in-magento-2\/"},"modified":"2025-07-17T09:25:03","modified_gmt":"2025-07-17T03:55:03","slug":"encrypt-and-decrypt-url-parameter-in-magento-2","status":"publish","type":"post","link":"https:\/\/meetanshi.com\/blog\/encrypt-and-decrypt-url-parameter-in-magento-2\/","title":{"rendered":"How to Encrypt and Decrypt URL Parameter in Magento 2"},"content":{"rendered":"\n

Magento has the power to create unique, limitless, and engaging shopping experiences while simultaneously offering security, performance, out-of-the-box features, an unlimited ability to customize, and seamless third-party integrations.<\/p>\n\n\n\n

Owing to these benefits,\u00a0Magento 2\u00a0is becoming the most used platform in the E-commerce market.<\/p>\n\n\n\n

Magento offers a secured platform for online shopping. However, Magento 2 stores also have to be secure against those hacking attacks since eCommerce sites are more likely to become victims of a targeted attack by hackers!<\/p>\n\n\n\n

One such way to secure your store is to encrypt and decrypt URL parameter in Magento 2. <\/em><\/strong>Encryption is the process of translating plain text data (plaintext) into something that appears to be random and meaningless (ciphertext) that no one can understand. Decryption is the process of converting ciphertext back to plaintext.<\/p>\n\n\n\n

For example, if the owner wants to delete any particular product by product ID using URL, he passes the URL as shown below:<\/p>\n\n\n\n

http:\/\/127.0.0.1\/mag242sample\/deleteaccount\/index\/deleteacc\/id\/1\/<\/pre>\n\n\n\n
Now, what if any unauthorized person found the URL, passes the parameter, delete all the records, products and destroy our business!<\/p>\n\n\n\n
We are here to rescue your store. To prevent your store from inauthentic access, use the below solution.<\/p>\n\n\n\n
Method to Encrypt and Decrypt URL Parameter in Magento 2:<\/h2>\n\n\n\n
1. Use the below code in the Helper.php <\/strong>file at app\/code\/Vendor\/Module\/Helper.<\/strong><\/p>\n\n\n\n
<?php\n\nnamespace Vendor\\Module\\Helper;\n\nuse Magento\\Framework\\App\\Helper\\AbstractHelper;\nuse Magento\\Framework\\App\\Helper\\Context;\nuse Magento\\Framework\\Url\\DecoderInterface;\nuse Magento\\Framework\\Url\\EncoderInterface;\n\nclass Helper extends AbstractHelper\n{\n    const ENCRYPT = 1;\n    const DECRYPT = 2;\n    \/**\n     * @var EncoderInterface\n     *\/\n    private $urlEncoder;\n    \/**\n     * @var DecoderInterface\n     *\/\n    private $urlDecoder;\n\n    public function __construct(\n        EncoderInterface $urlEncoder,\n        DecoderInterface $urlDecoder,\n        Context $context\n    )\n    {\n        parent::__construct($context);\n        $this->urlEncoder = $urlEncoder;\n        $this->urlDecoder = $urlDecoder;\n    }\n\n    \/**\n     * @param $url\n     * @return string\n     *\/\n    public function encodeUrl($url)\n    {\n        return $this->urlEncoder->encode($url);\n    }\n\n    \/**\n     * @param $url\n     * @return string\n     *\/\n    public function decodeUrl($url)\n    {\n        return $this->urlDecoder->decode($url);\n    }\n\n    \/**\n     * @param $action\n     * @param $string\n     * @return bool|string\n     *\/\n    public function encryptDecrypt($action, $string)\n    {\n        $output = false;\n\n        $encrypt_method = \"AES-128-ECB\";\n        $secret_key = 'This is my secret key';\n\n        $key = hash('sha256', $secret_key);\n\n        if ($action == self::ENCRYPT) {\n            $output = openssl_encrypt($string, $encrypt_method, $key);\n        } elseif ($action == self::DECRYPT) {\n            $output = openssl_decrypt($string, $encrypt_method, $key);\n        }\n\n        return $output;\n    }\n}<\/pre>\n\n\n\n
2. To encrypt data<\/p>\n\n\n\n
private $helper;\n\npublic function __construct(\\Meetanshi\\Deleteaccount\\Helper\\Helper $helper)\n{\n    $this->helper = $helper;\n}\n\npublic function encryptData()\n{\n    $encryptedParam = $this->helper->encryptDecrypt(DATA::ENCRYPT, '<parameter value>');\n    $encryptedParam = $this->helper->encodeUrl($encryptedParam);\n    $urlWithEncryptedData = $this->helper->url->getUrl('your route path') . 'id\/' . $encryptedParam . '\/';\n}<\/pre>\n\n\n\n
After encrypting data, the URL parameter will display as shown below:<\/p>\n\n\n\n
http:\/\/127.0.0.1\/mag242sample\/deleteaccount\/index\/deleteacc\/id\/RU5YVDdSaWllYnFMbm9zYSsyVEZFQT09<\/pre>\n\n\n\n
3. To decrypt data<\/p>\n\n\n\n
\/**\n * @var Helper\n *\/\nprivate $helper;\n\npublic function __construct(\\Meetanshi\\Deleteaccount\\Helper\\Helper $helper)\n{\n    $this->helper = $helper;\n}\n\npublic function decryptData($encryptedParameterValue)\n{\n    $decryptedParam = $this->helper->decodeUrl($encryptedParameterValue);\n    $decryptedParam=str_replace(\" \", \"+\", $decryptedParam);\n    $decryptedParam = $this->helper->encryptDecrypt(DATA::DECRYPT, $decryptedParam);\n}<\/pre>\n\n\n\n
That\u2019s it.<\/p>\n\n\n\n
Also, do not forget to share the post with Magento Community via social media.<\/p>\n\n\n\n
Thank You.<\/p>\n","protected":false},"excerpt":{"rendered":"
Magento has the power to create unique, limitless, and engaging shopping experiences while simultaneously offering security, performance, out-of-the-box features, an unlimited ability to customize, and…<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[34],"tags":[],"class_list":["post-1682","post","type-post","status-publish","format-standard","hentry","category-magento"],"acf":[],"_links":{"self":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts\/1682","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/comments?post=1682"}],"version-history":[{"count":4,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts\/1682\/revisions"}],"predecessor-version":[{"id":18144,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts\/1682\/revisions\/18144"}],"wp:attachment":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/media?parent=1682"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/categories?post=1682"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/tags?post=1682"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}