How do I stop Claude from accidentally connecting to my production DB?

Don't put production credentials in app/etc/env.php on the dev box — ever. Use a separate app/etc/env.php.prod that lives only on the live VPS. In the Docker dev image, point env.php at db (the docker-compose hostname), not at the live host. Add a PreToolUse hook that greps any Bash command for production hostnames or admin URLs and blocks: echo $CLAUDE_TOOL_INPUT | grep -qE 'prod\\.example\\.com|72\\.62\\.247' && exit 2. Belt-and-suspenders again — one rule for the network layer, one rule for the agent layer.