plugin-icon

VESSOT Secure Portable Data

By jonvessot·
VESSOT Secure Portable Data - WordPress Plugin Zero visibility data storage with client-side encryption via the VESSOT platform.
api
data-storage
encryption
Rating
Add a review
Version
1.0.1
Last updated
Dec 2, 2025

VESSOT Secure Portable Data provides a secure way to store and retrieve encrypted data via the VESSOT API. All encryption happens client-side before data is transmitted, ensuring true zero-knowledge data storage.

You need to create an account at https://vessot.tech/ before you can use this plugin.

Features

  • Client-side AES-256-GCM encryption
  • Store, retrieve, update, and destroy encrypted data
  • Support for nested objects and arrays
  • WordPress native HTTP API (no external dependencies)

Requirements

  • PHP 8.2 or higher
  • OpenSSL PHP extension

Setup

Read about the simple account creation steps at https://vessot.tech/how-it-works.

Technical implementation is quick and easy – see the setup guide at https://vessot.tech/setup.

Configuration

The plugin requires two environment variables to be set at the server level. This approach ensures credentials never touch your filesystem or version control.

Required Environment Variables

VESSOT_INT_TOKEN

Your VESSOT API integration token for authentication.

VESSOT_CRYPT_KEY

A 32-byte encryption key for client-side encryption.

Generating an Encryption Key

You can generate a secure encryption key using the plugin’s helper function. Run this once in your WordPress environment:

`php

$vessotData = vessot_secure_portable_data(); $encryptionKey = $vessotData->cryptKeyGenerate(); // Copy this value to use as VESSOT_CRYPT_KEY `

Setting Environment Variables

Choose the method that matches your server setup:

Apache

Add to your virtual host configuration or .htaccess:

`apache

SetEnv VESSOT_INT_TOKEN “your-integration-token-here” SetEnv VESSOT_CRYPT_KEY “your-encryption-key-here” `

Nginx with PHP-FPM

Add to your PHP-FPM pool configuration (usually /etc/php/8.2/fpm/pool.d/www.conf):

`ini

env[VESSOT_INT_TOKEN] = your-integration-token-here env[VESSOT_CRYPT_KEY] = your-encryption-key-here `

Then add to your Nginx server block:

`nginx

location ~ .php$ { fastcgi_param VESSOT_INT_TOKEN $VESSOT_INT_TOKEN; fastcgi_param VESSOT_CRYPT_KEY $VESSOT_CRYPT_KEY; # … other fastcgi_param directives } `

Docker

Add to your docker-compose.yml:

`yaml

services: wordpress: environment: – VESSOT_INT_TOKEN=your-integration-token-here – VESSOT_CRYPT_KEY=your-encryption-key-here `

Or use a .env file (excluded from version control):

`bash

VESSOT_INT_TOKEN=your-integration-token-here VESSOT_CRYPT_KEY=your-encryption-key-here `

Shared Hosting / cPanel

Many hosting providers offer environment variable management through their control panel. Check your hosting provider’s documentation for “Environment Variables” or “PHP Configuration”.

Local Development

For local development, you can use:

Option 1: System environment variables bash export VESSOT_INT_TOKEN="your-dev-token" export VESSOT_CRYPT_KEY="your-dev-key"

Option 2: PHP-FPM configuration (see Nginx section above)

Security Best Practices

  • Use different tokens and keys for each environment (development, staging, production)
  • Never commit environment variables to version control
  • Limit access to server configuration files

Usage

Basic Example

`php

// Get an instance $vessotData = vessot_secure_portable_data();

// Store encrypted data $result = $vessotData->store(‘your_unique_storage_key’, [ ‘theme’ => ‘dark’, ‘notifications’ => true, ’email’ => ‘user@example.com’ ]);

// Retrieve and decrypt data $result = $vessotData->show(‘your_unique_storage_key’); if ($result[‘success’]) { $settings = $result[‘value’]; echo $settings[‘theme’]; // ‘dark’ }

// Update data $result = $vessotData->update(‘your_unique_storage_key’, [ ‘theme’ => ‘light’, ‘notifications’ => false, ’email’ => ‘user@example.com’ ]);

// Partial update (update specific attributes) $result = $vessotData->update(‘your_unique_storage_key’, null, [ ‘theme’ => ‘light’ ]);

// Retrieve specific attribute $result = $vessotData->show(‘your_unique_storage_key’, ‘theme’);

// Delete data $result = $vessotData->destroy(‘your_unique_storage_key’); `

Using in WordPress Hooks

`php

// Store user preferences on profile update add_action(‘profile_update’, function($user_id) { $vessotData = vessot_secure_portable_data(); $preferences = get_user_meta($user_id, ‘preferences’, true);

$result = $vessotData->store("user_preferences_{$user_id}", $preferences); if (!$result['success']) { error_log('Failed to store preferences: ' . $result['error']); }

});

// Retrieve preferences on login add_action(‘wp_login’, function($user_login, $user) { $vessotData = vessot_secure_portable_data(); $result = $vessotData->show(“user_preferences_{$user->ID}”);

if ($result['success']) { update_user_meta($user->ID, 'preferences', $result['value']); }

}, 10, 2); `

API Reference

store($key, $value)

Store encrypted data with a unique key.

Parameters:$key (string): Unique identifier for the data – $value (mixed): Data to encrypt and store (can be string, or data array)

Returns: Array with success, error, code, and value keys

show($key, $attribute = null)

Retrieve and decrypt stored data.

Parameters:$key (string): Unique identifier for the data – $attribute (string|null): Optional specific attribute to retrieve

Returns: Array with success, error, code, and value keys

update($key, $value = null, $attributes = null)

Update existing encrypted data.

Parameters:$key (string): Unique identifier for the data – $value (mixed): New value (for full update) – $attributes (array|null): Specific attributes to update (for partial update)

Returns: Array with success, error, code, and value keys

destroy($key, $attributes = null)

Delete stored data.

Parameters:$key (string): Unique identifier for the data – $attributes (mixed|null): Optional specific attributes to delete

Returns: Array with success, error, code, and value keys

cryptKeyGenerate()

Generate a new encryption key. Returns empty string if key already exists in environment.

Returns: Encryption key or empty string

External Services

This plugin connects to the VESSOT API (https://vessot.tech/api) to store and retrieve encrypted data.

What is VESSOT?

VESSOT is a third-party encrypted data storage service that provides zero-knowledge data storage. The service is provided by VESSOT.

What data is sent?

The plugin sends the following data to the VESSOT API:

  • Encrypted data values: All data is encrypted client-side using AES-256-GCM encryption before transmission. The VESSOT API only receives encrypted ciphertext and never has access to your encryption keys or unencrypted data.
  • Data keys: Unique identifiers you specify for each piece of data (e.g., “user_settings”, “preferences”).
  • Authentication token: Your VESSOT_INT_TOKEN for API authentication.

When is data sent?

Data is transmitted to the VESSOT API when you use any of these functions:

  • vessot_secure_portable_data()->store() – Sends encrypted data to be stored
  • vessot_secure_portable_data()->show() – Retrieves encrypted data
  • vessot_secure_portable_data()->update() – Sends encrypted data updates
  • vessot_secure_portable_data()->destroy() – Requests data deletion

Service Information

  • Service Provider: VESSOT
  • Service Website: https://vessot.tech
  • Terms of Service: https://vessot.tech/terms-conditions
  • Privacy Policy: https://vessot.tech/privacy-policy
  • API Documentation: https://vessot.tech/setup
  • WordPress Setup Guide: https://vessot.tech/wordpress

Account Requirement

You must create a VESSOT account at https://vessot.tech before using this plugin. See https://vessot.tech/how-it-works for account creation steps and https://vessot.tech/wordpress for WordPress-specific setup instructions.

Security Notes

  • All encryption happens client-side before transmission
  • The VESSOT API never has access to unencrypted data or encryption keys
  • Environment variables are set at the server level and never touch the filesystem
  • Each environment should have its own unique tokens and keys
  • Server configuration changes require appropriate restart (Apache reload, PHP-FPM restart, etc.)

Support

For issues and support, visit: https://vessot.tech

License

This plugin is licensed under the GNU General Public License v2 or later.

This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.

This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details.

You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.

Author

VESSOT – https://vessot.tech

Freeon Business plan
Get started
By installing, you agree to WordPress.com Terms of Service and Third-Party plugin Terms.
Tested up to
WordPress 6.9
This plugin is available for download for your site.
Download