Security Tips
Security Tip: Privilege Escalation Through Domain Wildcards!
[Tip #80] It's incredibly common to find hardcoded domains used for identifying admins, however this also makes it trivial to escalate privileges to admin!
Security Tips
[Tip #80] It's incredibly common to find hardcoded domains used for identifying admins, however this also makes it trivial to escalate privileges to admin!
Security Tips
[Tip #79] It may be tempting to reach for env() outside your config files, but you may be introducing subtle bugs, or exposing your app to compromise...
In Depth
[InDepth#21] I've had this question many times, so let me take you through the steps I follow when provisioning and securing apps on Forge.
Security Tips
[Tip#59] It may seem obvious, you'd be surprised just how often I come across websites where debug mode is enabled!
Security Tips
[Tip#3] Laravel's config files are great, but don't forget to put sensitive values (i.e. secrets, passwords, tokens, etc) in your .env file!