Subscribe
Sign in
Home
Notes
Practical Laravel Security
Laravel Security Audits
In Depths
Tips
Audits Top 10
OWASP Top 10
Archive
Leaderboard
About
Audits Top 10
New
In Depth: Storing Environment Variables Safely
[InDepth#17] Let's dive deep into the wonderful world of storing environment variables safely, looking at the different options Laravel supports and…
Stephen Rees-Carter
Jun 19
2
Share this post
In Depth: Storing Environment Variables Safely
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
Security Tip: Test for Missing Authorisation
[Tip#48] We write tests for everything else, so why not write tests for authorisation as well?
Stephen Rees-Carter
Jun 10
4
Share this post
Security Tip: Test for Missing Authorisation
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
5
Security Tip: Getting Started with Content Security Policies
[Tip#47] Setting up a CSP doesn't have to be a daunting task! Let's take a look at a tips for getting started with CSPs, without breaking anything!
Stephen Rees-Carter
Jun 2
3
Share this post
Security Tip: Getting Started with Content Security Policies
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
Security Tip: Security Headers are Layers of Defence
[Tip#46] Security headers add important layers of defence to your apps, preventing data leaks, XSS and CSRF attacks, clickjacking, and more... Why are…
Stephen Rees-Carter
May 25
2
Share this post
Security Tip: Security Headers are Layers of Defence
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
4
In Depth: What Are Insecure Functions?
[InDepth#16] According to random folks on the internet (i.e. social media), "insecure functions" are a wide and varied concept. Let's take a look at the…
Stephen Rees-Carter
May 17
Share this post
In Depth: What Are Insecure Functions?
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
Security Tip: Replace Simple Dependencies
[Tip#45] The more dependencies your project has, the higher your risk of supply-chain attack is, and the less you're aware of what code is actually…
May 9
4
Share this post
Security Tip: Replace Simple Dependencies
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
1
Security Tip: Avoiding XSS with HtmlString
[Tip#44] Checkout that one simple trick... I mean... This is my favourite way to avoid XSS.
Stephen Rees-Carter
May 1
1
Share this post
Security Tip: Avoiding XSS with HtmlString
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
Security Tip: Don't Forget Rate Limiting
[Tip#43] It's essential for limiting bot attacks, and don't forget it on other sensitive routes like authentication...
Stephen Rees-Carter
Apr 23
3
Share this post
Security Tip: Don't Forget Rate Limiting
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
In Depth: Mass-Assignment Vulnerabilities
[InDepth#15] There is a false confidence about mass-assignment vulnerabilities that hides how easy it is for them to occur and be exploited...
Stephen Rees-Carter
Apr 15
2
Share this post
In Depth: Mass-Assignment Vulnerabilities
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
Security Tip: Validating Array Inputs
[Tip#42] Validating single values is easy, but what about arrays?
Apr 7
5
Share this post
Security Tip: Validating Array Inputs
securinglaravel.com
Copy link
Facebook
Email
Notes
Other
This site requires JavaScript to run correctly. Please
turn on JavaScript
or unblock scripts
