In Depth
In Depth #2: SQL Injection (SQLi)
Let's dive into SQL Injection, learn how it works, and what we can do with it.
Latest
Security Tips
Security Tip: The Cookie ‘Secure’ Flag
[Tip #5] Don't forget to configure your cookies for to only work over HTTPS.
Security Tips
Security Tip: Why Parameterised Queries Are Important!
[Tip #4] We're following the theme of reminders for simple features that are easy to overlook with a reminder to use Parameterised Queries!
Security Tips
Security Tip: Store Sensitive Config in .env!
[Tip #3] Laravel's config files are great, but don't forget to put sensitive values (i.e. secrets, passwords, tokens, etc) in your .env file!
Security Tips
Security Tip: Don't Forget About Policy Filters!
[Tip#2] Policy Filters let you implement shared authorisation checks across your entire policy without repeating code in every method.
In Depth
In Depth: Encryption
[InDepth#1] Let's take a look at how Encryption works in Laravel, where it's used, and how you can use it within your applications.
Security Tips
Security Tip: Custom Encryption Keys for Cast Model Attributes
[Tip#1] A simple but quite important tip, how to use a custom encryption key for encrypted casting within Models.
Newsletter
Welcome to Laravel Security in Depth
Each month we'll cover an aspect of Laravel security in depth, with weekly tips to fill in the gaps.