Welcome to our support section! Even though Lockr is an easy-to-use plugin for WordPress or Drupal, occasionally users have challenges getting it going. Below are some resources to help guide you through the installation process.

Lockr removes the key from your site code and database and stores it in a secure and certified key manager. When your site needs the key for an encryption/decryption or API request, Lockr uses the your hosting provides server’s certificate to authenticate on your behalf and release the key. If your hosting provider is not supported by Lockr, please contact support via Slack, Twitter or our contact form so we can create a custom certificate of authority for your site.

Install Lockr via the Lockr Terminus Plugin

The Lockr Terminus plugin allows you to install all necessary components, register the site with Lockr, and patch all relevant plugins/modules running on your site with a single Terminus command. To enable the Terminus plugin, complete these steps in your local environment:

  1. Clone the Lockr Terminus plugin into the ~/terminus/plugins directory on your local environment.
  2. Log in with Terminus.
terminus auth login [<email>] [--password=<value>] [--machine-token=<value>]
  1. Run the following command:
terminus lockdown [<Lockr account email>] --password=[<Lockr account password>]
  1. Select the site for the install. It will now detect the CMS, download and install all necessary components, register the site, and patch all relevant plugins in your site.

It's that simple! One command and your site is set up. After successfully installing and registering Lockr, you will see a confirmation on the Configuration page that the site is registered. You are now able to set keys through the Admin interface for site's that have been registered. Alternatively, you can follow the steps below for the CMS your site uses to install and configure Lockr.

WordPress Installation

Lockr is automatically configured to secure API keys for numerous third-party plugins for seamless integration and securing of your keys. Visit the GitHub page for a list of plugins that can be automatically patched.

  1. Set the connection mode to SFTP for the Dev or Multidev environment via the Pantheon Dashboard or with Terminus:

    terminus site set-connection-mode --mode=sftp
    
  2. Install and activate the Lockr plugin from within the Dev or Multidev environment's WordPress Dashboard (/wp-admin/plugin-install.php?tab=search&s=lockr) or with Terminus:

    terminus wp 'plugin install lockr --activate'
    
  3. Click Lockr from within the WordPress Dashboard to visit the Lockr Configuration page (/wp-admin/admin.php?page=lockr-site-config):

WP Lockr Configuration Example

  1. Enter your email address, and click Register Site.
  2. Create keys within Lockr > Add Keys and manage existing keys within Lockr > All Keys.
  3. Visit the Lockr patch library for the latest patches to your favorite plugins or apply patches with Terminus:

    terminus wp 'lockr lockdown'
    

WP-CLI Commands

The Lockr plugin contains a number of WP-CLI commands to quickly register a site and get a key through the command line.

terminus wp 'lockr register-site --email=[<Lockr email address>] --password=[<Lockr account password>]'

This command will register the site with Lockr to the email address provided. The password is only necessary for existing Lockr accounts. This is useful for automated deployment from a custom upstream using Quicksilver.

terminus wp 'lockr lockdown'

Run this command and Lockr will go to the patch library and automatically patch your existing plugins that do not currently integrate natively with Lockr.

terminus wp 'lockr get-key [key name]'

Run this command to get and decrypt a key from Lockr. This is a useful command to program in automated functionality in Quicksilver.

terminus wp 'lockr set-key --name=[key name] --label=[key label] --value=[key value]'

This command encrypts a key and sends it to Lockr. This is useful during site migrations or automated deployments of new sites through Quicksilver.

Drupal Installation

Pairing together the Lockr, Encrypt, and Key modules allow Drupal to take advantage of best security practices of separating the keys away from the data they protect.

Lockr is currently available for Drupal 7 and Drupal 8 (development release). See the project's Github page for a list of modules that can be automatically patched.

  1. Set the connection mode to SFTP for the Dev or Multidev environment via the Pantheon Dashboard or with Terminus:

    terminus site set-connection-mode --mode=sftp
    
  2. Install the Lockr module and the required Key module by uploading files to the modules directory (Drupal 7: /sites/all/modules/contrib Drupal 8: /modules/contrib) or using the Drupal interface.

  3. Go to the modules page (/admin/modules) and enable both modules.

  4. Navigate to the Lockr configuration page (/admin/config/system/lockr):

    Drupal Lockr Configuration example

  5. Enter your email address and click Sign Up.

Drush Commands

Use Drush to download and install Lockr in a few simple commands.

terminus drush 'dl lockr'
terminus drush 'en lockr'
terminus drush 'lockr-register --email=[<Lockr account email >] --password=[<Lockr account password>]'

This command registers the site with Lockr to the email address provided. The password is only necessary for email addresses already with a Lockr account. This is useful for automated deployment from a custom upstream using Quicksilver.

terminus drush 'lockr-lockdown'

Run this command and Lockr will go to a patch library and automatically patch your existing plugins that do not currently integrate natively with Lockr.