{"id":3730,"date":"2024-11-25T11:20:22","date_gmt":"2024-11-25T11:20:22","guid":{"rendered":"https:\/\/meetanshi.com\/blog\/how-to-rotate-encryption-key-in-magento-2\/"},"modified":"2025-05-21T16:32:34","modified_gmt":"2025-05-21T11:02:34","slug":"how-to-rotate-encryption-key-in-magento-2","status":"publish","type":"post","link":"https:\/\/meetanshi.com\/blog\/how-to-rotate-encryption-key-in-magento-2\/","title":{"rendered":"How to Rotate Encryption Key in Magento 2? &#8211; Technical Solution\u00a0"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">Your sensitive data getting into the wrong hands is a true nightmare. <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Using an encryption key, Adobe Commerce and Magento Open Source, protects your store, but rotating the encryption key is essential to improve its security.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Rotating the encryption key simply means changing them.&nbsp;&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">During the initial installation of your Magento 2 store, you might have opted for any one of these two prompts to encrypt and protect your data:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Let Adobe Commerce automatically generate an encryption key<\/li>\n\n\n\n<li>You created a custom key of your own<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Magento recommends you take timely action to rotate your encryption key to avoid any data leak or unauthorized store access.&nbsp;<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here is how to do it.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">How to Change an Encryption Key on Magento 2?&nbsp;<\/h2>\n\n\n\n<h3 class=\"wp-block-heading\">Step 1: Enable Maintenance Mode &amp; Disable Cron Job&nbsp;<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Firstly, enable the <a href=\"https:\/\/experienceleague.adobe.com\/en\/docs\/commerce-operations\/configuration-guide\/setup\/application-modes?lang=en#maintenance-mode\" target=\"_blank\" rel=\"noreferrer noopener nofollow\">maintenance mode<\/a>.<\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">bin\/magento maintenance:enable<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">And turn off the cron jobs.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>For Cloud infrastructure projects:<\/em><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">.\/vendor\/bin\/ece-tools cron:disable<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><em>For On-premises projects<\/em><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">crontab -e<\/pre>\n\n\n\n<h3 class=\"wp-block-heading\">Step 2: Change Your Encryption Key<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Now, from your Magento 2 admin panel, head to <strong>System &gt; Other Settings &gt; Manage Encryption Key.<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">Here, you have two options at the <strong>Auto-generate a Key <\/strong>field:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Select <strong>YES<\/strong> for Magento to generate a new key for you automatically<\/li>\n\n\n\n<li>Select<strong> NO<\/strong> if you want to create a custom key of your choice&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter is-resized\"><img decoding=\"async\" src=\"https:\/\/lh7-rt.googleusercontent.com\/docsz\/AD_4nXftCAY2hxOYEQM3oDCZW57a_XIlL8kydObGh6fflxg4UyeMbOsxR7kWGvPCS3oEtHPJQ2GeC1wAzeAnqOUG-fWwx-RKQ8Ytcw-hZWW90WVU0TRDYpE-mnm13YyE9z-S70WWSu-c1Q?key=RxCzIxGATrYGtXjd47Idrw\" alt=\"Encryption Key on Magento 2 \" style=\"width:786px;height:auto\"\/><\/figure>\n<\/div>\n\n\n<p class=\"wp-block-paragraph\">Enter the custom key in the <strong>New Key<\/strong> field and click <strong>Change Encryption Key<\/strong> to finish the settings.&nbsp;<\/p>\n\n\n\n<h3 class=\"wp-block-heading\">Step 3: General Settings for Encryption Key<\/h3>\n\n\n\n<p class=\"wp-block-paragraph\">Lastly, flush the cache, enable the cron jobs, and disable maintenance mode for your store to start working as usual.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Flush the cache<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>For Cloud infrastructure projects:<\/em><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">magento-cloud cc<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><em>For On-premises projects:<\/em><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">bin\/magento cache:flush<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Enable cron jobs<\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><em>For Cloud infrastructure projects:<\/em><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">.\/vendor\/bin\/ece-tools cron:enable<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><em>On-premises projects:<\/em><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">crontab -e<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Disable maintenance mode<\/strong><\/p>\n\n\n\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"generic\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">bin\/magento maintenance:disable\n<\/pre>\n\n\n\n<p class=\"wp-block-paragraph\">And that&#8217;s it, your store is safe again.  <\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Things to Keep in Mind While Encryption<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Here is a mini-checklist of things to keep in mind while working with an encryption key:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Take a backup of your current key and save it in a secure location for the future.&nbsp;&nbsp;<\/li>\n\n\n\n<li>Always use a strong and random encryption key.<\/li>\n\n\n\n<li>Since there is no limit to the length, use it wisely.<\/li>\n\n\n\n<li>Rotate every 6 to 12 months, and in case of any security accident, do it immediately.<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Now, go ahead and try this solution yourself.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><strong>Helpful read:<a href=\"https:\/\/meetanshi.com\/blog\/magento-2-security\/\"> A Definitive Guide on Magento 2 Security <\/a><\/strong><\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><div class=\"meetanshi-cta\">\r\n<div class=\"cta-content-wrapper\">\r\n<span>Magento 2 Security Patches Installation<\/span>\r\n<p>Keep your store secure with the latest Magento 2 patches\u2014add them before it\u2019s too late.<\/p>\r\n<a href=\"https:\/\/meetanshi.com\/magento-security-patches-installation-service.html\" target=\"_blank\" class=\"btn-primary\">Add Now <\/a>\r\n<\/div>\r\n<div class=\"cta-image-new\">\r\n<img decoding=\"async\" src=\"https:\/\/meetanshi.com\/blog\/wp-content\/uploads\/2025\/11\/security-patches-installation-service.png\" alt=\"Magento Security Patches Installation Service\">\r\n<\/div>\r\n<\/div><strong><br><\/strong><br><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Your sensitive data getting into the wrong hands is a true nightmare. Using an encryption key, Adobe Commerce and Magento Open Source, protects your store,&#8230;<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[34],"tags":[],"class_list":["post-3730","post","type-post","status-publish","format-standard","hentry","category-magento"],"acf":[],"_links":{"self":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts\/3730","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/comments?post=3730"}],"version-history":[{"count":2,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts\/3730\/revisions"}],"predecessor-version":[{"id":13811,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/posts\/3730\/revisions\/13811"}],"wp:attachment":[{"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/media?parent=3730"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/categories?post=3730"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/meetanshi.com\/blog\/wp-json\/wp\/v2\/tags?post=3730"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}