Security Tip: Disable Dev & Test Commands in Production
[Tip#6] Because sometimes being paranoid is a good thing.
This week we’re shifting gears with a reminder around dev and test commands in production. It helps being paranoid about security, and I’m always worried about accidently triggering a dev command on prod, so this Security Tip is something I’ve been doing for years.
Ensure Your Dev & Test Artisan Commands Are Disabled in Production
If you’re like me, you’ll have some Artisan commands in your projects that run development and/or testing tasks. These commands manipulate data in some way and are definitely not safe to run on production.
This is what I do to stop dev & test Artisan commands being accidently run:
Keep reading with a 7-day free trial
Subscribe to Laravel Security In Depth to keep reading this post and get 7 days of free access to the full post archives.