Laravel Security In Depth
Security Tip: Non-production Mail Sending
[Tip#21] It may seem strange but non-production mail can be a security risk.
Stephen Rees-Carter
May 12
Security Tip: Be Careful of Auth Helpers
[Tip#20] Laravel's helpers are great, but make sure you know everything they do before you use them.
Stephen Rees-Carter
May 4
In Depth: Policy Objects
[InDepth#8] Policy Objects are incredibly powerful. Use them.
Stephen Rees-Carter
Apr 26
Security Tip: Cryptographically Secure Randomness
[Tip#19] Because all randomness should be cryptographically secure.
Stephen Rees-Carter
Apr 18
Security Discussion: Are Routes Sensitive Information?
For this week’s security discussion, I want to pose an interesting question: Are routes sensitive information? Routes contain a map of your enti…
Stephen Rees-Carter
Apr 10
Security Tip: Keep Dependencies Updated
[Tip#18] Dependencies are security risks, especially if you have a lot of them or don't keep them updated...
Stephen Rees-Carter
Apr 3
In Depth: Content Security Policy
[InDepth#7] Content Security Policies are an incredibly powerful security feature built into the browser, and as it turns out, they are also pretty easy…
Stephen Rees-Carter
Mar 29
Security Tip: Don't Hardcode Admin Emails
[Tip#17] It's easy to forget to update the admins list when it changes...
Stephen Rees-Carter
Mar 17
Security Discussion: Why aren't you using a Content Security Policy?
This week I want to discuss Content Security Policies (CSP). I’ve had them on my list to tackle in an In Depth for a while, and getting a feelin…
Stephen Rees-Carter
Mar 9
Security Tip: Open Redirects
[Tip#16] Ever clicked a link that looked legitimate, but took you somewhere unexpected?
Stephen Rees-Carter
Mar 1
Laravel Security In Depth: Timing Attacks
[InDepth#6] You can use response timing to infer important information... in this post we dive into timing attacks in Password Resets and more.
Stephen Rees-Carter
Feb 21
Security Tip: Be Careful Of Transliteration
[Tip#15] Because we don't already have enough to worry about, without also needing to factor in other characters and emoji too...
Stephen Rees-Carter
Feb 13