Audits Top 10
In Depth: Storing Environment Variables Safely
[InDepth#17] Let's dive deep into the wonderful world of storing environment variables safely, looking at the different options Laravel supports and…
Jun 19, 2023 • Stephen Rees-Carter
Security Tip: Test for Missing Authorisation
[Tip#48] We write tests for everything else, so why not write tests for authorisation as well?
Jun 10, 2023 • Stephen Rees-Carter
Security Tip: Getting Started with Content Security Policies
[Tip#47] Setting up a CSP doesn't have to be a daunting task! Let's take a look at some tips for getting started with CSPs, without breaking anything!
Jun 2, 2023 • Stephen Rees-Carter
Security Tip: Security Headers are Layers of Defence
[Tip#46] Security headers add important layers of defence to your apps, preventing data leaks, XSS and CSRF attacks, clickjacking, and more... Why are…
May 25, 2023 • Stephen Rees-Carter
In Depth: What Are Insecure Functions?
[InDepth#16] According to random folks on the internet (i.e. social media), "insecure functions" are a wide and varied concept. Let's take a look at the…
May 17, 2023 • Stephen Rees-Carter
Security Tip: Replace Simple Dependencies
[Tip#45] The more dependencies your project has, the higher your risk of supply-chain attack is, and the less you're aware of what code is actually…
May 9, 2023
Security Tip: Avoiding XSS with HtmlString
[Tip#44] Check out that one simple trick... I mean... This is my favourite way to avoid XSS.
May 1, 2023 • Stephen Rees-Carter
Security Tip: Don't Forget Rate Limiting
[Tip#43] It's essential for limiting bot attacks, and don't forget it on other sensitive routes like authentication...
Apr 23, 2023 • Stephen Rees-Carter
In Depth: Mass-Assignment Vulnerabilities
[InDepth#15] There is a false confidence about mass-assignment vulnerabilities that hides how easy it is for them to occur and be exploited...
Apr 15, 2023 • Stephen Rees-Carter
Security Tip: Validating Array Inputs
[Tip#42] Validating single values is easy, but what about arrays?
Apr 7, 2023