Sitemap - 2023 - Securing Laravel
Security Tip: Use HMAC Hashes To Verify Data
Security Tip: Do You Really Need a Hash for That?
Security Tip: Escape Output with e(), htmlspecialchars(), & htmlentities()!
Security Tip: Is `strip_tags()` Secure?
In Depth: Securing Apps on Forge
Security Tip: Protect Your .env File
Security Tip: Don't Log Sensitive Data
Security Tip: Hide Sensitive Parameters from Stack Traces
Security Tip: Disable Debug Mode on World-accessible Apps
In Depth: Adding Rehashing to Laravel
Security Tip: Increase Your bcrypt Rounds
Security Tip: Watch Out for Command Injection
Security Tip: Compare keys with hash_equals()
2 years of Securing Laravel / Laravel Security In Depth!
In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 2)
Security Tip: Avoiding Filename Collisions
Security Tip: Hijacking Domains, the Easy Way?
Security Tip: Bypassing CSRF Protection with File Uploads
In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 1)
Security Tip: HTML autocomplete Attribute
Security Tip: Validate Your Webhooks!
Security Tip: Watch out for Resource Authorisation
OpenLampTech - Developer Interview with Stephen Rees-Carter
Security Tip: Disable Dev Tools on Prod
In Depth: Storing Environment Variables Safely
Security Tip: Test for Missing Authorisation
Security Tip: Getting Started with Content Security Policies
Security Tip: Security Headers are Layers of Defence
Laravel Security In Depth → Securing Laravel
In Depth: What Are Insecure Functions?
Security Tip: Replace Simple Dependencies
Security Tip: Avoiding XSS with HtmlString
Security Tip: Don't Forget Rate Limiting
In Depth: Mass-Assignment Vulnerabilities
Security Tip: Validating Array Inputs
Security Tip: Safely Rendering JSON in Blade
In Depth: Securing Randomness Without Breaking Things
Security Tip: Retrieving Request Values
Security Tip: Casting Request Values
Security Tip: Timebox for Timing Attacks
Security Tip: New Password Generator
In Depth: Stealing Password Tokens with Forwarded Host Poisoning
Security Tip: Encoding/Serialising Data
Security Tip: Leaking Data After Changes
Security Tip: Encrypting Environment Files?