Sitemap - 2022 - Securing Laravel

Security Tip: Multiple Rate Limits

Security Tip: Canary Tokens

OWASP Tip: A10:2021 – Server-Side Request Forgery (SSRF)

OWASP Tip: A09:2021 – Security Logging and Monitoring Failures

OWASP In Depth: A08:2021 – Software and Data Integrity Failures

OWASP Tip: A07:2021 – Identification and Authentication Failures

OWASP Tip: A06:2021 – Vulnerable and Outdated Components

OWASP In Depth: A05:2021 – Security Misconfiguration

OWASP Tip: A04:2021 – Insecure Design

OWASP Tip: A03:2021 – Injection

OWASP Tip: A02:2021 – Cryptographic Failures

OWASP In Depth: A01:2021 - Broken Access Control

Laravel Security: OWASP Top 10 Overview

Security Tip: Finding Secrets

12 months of Laravel Security in Depth

Security Tip: Protecting Production APIs

Do You Support Multi-Factor Authentication?

Security Tip: composer audit

In Depth: Insecure Direct Object References (IDOR)

Security Tip: Leaking Model Existence

Security Discussion: Updating Packages

In Depth: Magic Emails

Security Tip: Watch Out for Type Juggling

Security Tip: Login Logging

Security Tip: Use Route Groups!

Security Tip: Scoping Bindings

In Depth: Signed URLs

Security Tip: Validating HTML & Markdown Input!

Security Tip: Non-production Mail Sending

Security Tip: Be Careful of Auth Helpers!

In Depth: Policy Objects

Security Tip: Cryptographically Secure Randomness

Security Discussion: Are Routes Sensitive Information?

Security Tip: Keep Dependencies Updated

In Depth: Content Security Policy

Security Tip: Don't Hardcode Admin Emails

Security Discussion: Why aren't you using a Content Security Policy?

Security Tip: Avoid Open Redirects!

In Depth: Timing Attacks

Security Tip: Be Careful Of Transliteration

Security Discussion: Is User Enumeration a Risk?

Security Tip: Use Subresource Integrity on Your Resources!

In Depth: Rehashing Passwords

Security Tip: Should You Block Compromised Passwords?

Security Tip: Rate Limit Your Login Forms!