Security Tips
Security Tip: Default Password Rules
[Tip #11] Why duplicate password validation rules across your app when you can define defaults once?
Latest
In Depth
In Depth #4: Guessing Placeholders For Malicious Purposes
Placeholders are incredibly useful, but you need to be careful with them.
Security Tips
Security Tip: Selectively Stage and Commit Changes
[Tip#10] You should always selectively stage changes, to avoid committing secrets or debug code and pushing to prod.
Security Tips
Security Tip: Publish a security.txt!
[Tip #9] security.txt is a simple way to share your security contacts to make vulnerability reporting easier.
Newsletter
Oops, broken link...
The teams discount link was broken
Newsletter
Laravel Security in Depth > Black Friday > 25% / 50% off > Forever ⭐
Get 25% off individual subscriptions, or 50% off teams. Forever.
Security Tips
Security Tip: Sensitive Model Attributes
[Tip #8] We need to be careful of sensitive data and where it gets passed around, especially when it relates to models and Javascript.
Newsletter
Laravel Security: File Upload Vulnerability
Explaining that Laravel Image File Upload Vulnerability...
In Depth
In Depth #3: Escaping Output Safely
Cross-Site Scripting (XSS) is a major concern - if someone can run their own code in your users browsers, they can do whatever they like...
Security Tips
Security Tip: Don’t Trust User Input!
[Tip #7] Always pass user input through a validator to ensure you only get the data you're expecting.
Security Tips
Security Tip: Disable Dev & Test Commands in Production
[Tip #6] Because sometimes being paranoid is a good thing.
In Depth
In Depth #2: SQL Injection (SQLi)
Let's dive into SQL Injection, learn how it works, and what we can do with it.