Securing Laravel
  • Home
  • In Depth Articles
  • Security Tips
  • Archives
  • About
  • Sponsor
  • Laravel Security Audits & Pentests
  • Practical Laravel Security Course
Sign in Subscribe
Newsletter

Black Friday Special Offer (yes, I know, another one!)

Get 25% off Laravel Security in Depth forever! 🥳

Stephen Rees-Carter

Stephen Rees-Carter

21 Nov 2022 — 2 min read
Black Friday Special Offer (yes, I know, another one!)

This post is for subscribers only

Subscribe now

Already have an account? Sign in

Read more

In Depth: A Deep Dive into Laravel's New Starter Kits! (pt 2)

In Depth: A Deep Dive into Laravel's New Starter Kits! (pt 2)

[In Depth #36] It's time to review the Livewire Volt, Vue, and React Starter Kits! Let's see what vulnerabilities are hiding under the surface, and just how easy it is to fix them... 🧐

lock-1 By Stephen Rees-Carter 27 Jun 2025
Security Tip: Eloquent Casting to HtmlString!

Security Tip: Eloquent Casting to HtmlString!

[Tip #114] One of my favourite Laravel features, the humble HtmlString, is now available as an Eloquent Cast - which should make it much more accessible! 🎉 But there is a catch... 😟

By Stephen Rees-Carter 11 Jun 2025
Security Tip: Don't Generate Your Own Passwords!

Security Tip: Don't Generate Your Own Passwords!

[Tip #113] "Don't Roll Your Own Crypto" applies to password generators too! It's way too easy to unknowingly lower your entropy by trying to be clever... 😱

By Stephen Rees-Carter 03 Jun 2025
Security Tip: Don't Use phpinfo()!

Security Tip: Don't Use phpinfo()!

[Tip #112] It may seem like a harmless debugging tool, with a bunch of boring config values and version numbers, but phpinfo() is a goldmine of sensitive data - even when it's "protected" in an admin account! 😈

By Stephen Rees-Carter 26 May 2025
Securing Laravel
  • Subscribe
  • In Depth Articles
  • Security Tips
  • Archives
  • Sponsor
  • Stephen's Socials
Powered by Ghost

Securing Laravel

The essential security resource for Laravel developers.