Archive - Laravel Security In Depth

New Top Discussion

[Tip#36] Encoding/serialising data can be risky if you're not using the correct functions.

Stephen Rees-Carter

Feb 2

January 2023

[Tip#35] It's easy to make innocent changes to one part of your app and forget to check how that flows into other parts of your app

Stephen Rees-Carter

Jan 26

[Tip#34] In September, Laravel 9.32 added the ability to encrypt environment files... but do you need to use it?

Stephen Rees-Carter

Jan 17

[InDepth#12] In November 2022, Steve McDougall published a tutorial called "Creating a Password Generator"... we're going to audit his code!

Stephen Rees-Carter

Jan 9

[Tip#33] We can easily restrict access to files on remote storage like S3, but what about local files?

Stephen Rees-Carter

Jan 1

December 2022

[Tip#32] For times when one rate limit just won't do!

Stephen Rees-Carter

Dec 24, 2022

[Tip#31] These are my favourite simple security trick to let you know if someone is poking around in your stuff.

Stephen Rees-Carter

Dec 16, 2022

Our final entry in the OWASP Top 10 series - be aware of what your servers can access!

Stephen Rees-Carter

Dec 7, 2022

November 2022

You do have logging enabled, right?

Stephen Rees-Carter

Nov 29, 2022

It's a three-in-one for the third last entry into our OWASP Top 10 series!

Stephen Rees-Carter

Nov 21, 2022

Don't get confused with authorisation, we're talking authENTICation this week.

Stephen Rees-Carter

Nov 13, 2022

Keep your stuff updated!!

Stephen Rees-Carter

Nov 5, 2022

#nojs-banner { position: fixed; bottom: 0; left: 0; padding: 16px 16px 16px 32px; width: 100%; box-sizing: border-box; background: red; color: white; font-family: -apple-system, "Segoe UI", Roboto, Helvetica, Arial, sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol"; font-size: 13px; line-height: 13px; } #nojs-banner a { color: inherit; text-decoration: underline; } This site requires JavaScript to run correctly. Please turn on JavaScript or unblock scripts