Security Tips
Security Tip: Auto-Secure Cookies FTW! ๐
[Tip #92] One of my personal pet peeves in Laravel has finally been fixed! The Secure cookie attribute will now match the request protocol! ๐ (I'm excited, can you tell?)
Security Tips
Security Tip: Prohibiting Destructive Commands on Production
[Tip #83] It's important to be paranoid when it comes to production environments - because if you forget you're logged into prod, you may end up dropping a database... or worse! ๐ฑ
Security Tips
Security Tip #78: Laravel 11's Per-Second Rate Limiting
Up until now, Laravel has only supported rate limiting per-minute, but that didn't work in some scenarios, as a minute is a very long time. To solve this, Laravel 11 supports per-second!
Security Tips
Security Tip: Laravel 11's Prompt Validation Rules
[Tip #77] We often talk about validating user input from the browser, but what about user input on the command line? Validation is just as useful there too!
Security Tips
Security Tip: Laravel 11's Automatic Password Rehashing
[Tip #76] Let's check out three of the configuration options available as part of Automatic Password Rehashing: custom fields, disabling rehashing, and changing bcrypt rounds.
In Depth
In Depth: Graceful Encryption Key Rotation
[In Depth #25] Laravel makes effective use of encryption for security purposes, but what happens if your encryption key needs to be rotated? Let's see how Laravel 11 handles it...
Security Tips
Security Tip: Laravel 11's Controller Authorisation & Validation Methods
[Tip#75] As part of the simplification of the app structure in Laravel 11, the Request Authorisation and Validation methods are no longer available on the controller - here's how you get it back.
Security Tips
Security Tip: Laravel 11's Middleware Configuration
[Tip#74] Laravel 11 shifts the default middleware into the framework itself and exposes configuration through the bootstrap/app.php class.