Newsletter

In Depth

In Depth: Registration Without Enumeration!

[InDepth#24] It's time to answer the question: how do you build user registration and authentication without an enumeration vector?

Security Tips

Security Tip: Fix Your Leaky APIs!

[Tip#70] This is your periodic reminder to check your app for any leaky APIs and fix them ASAP, otherwise you might end up with an email from Have I Been Pwned's Troy Hunt...

Newsletter

In Depth: Protecting Staging Sites!

[InDepth#23] Staging sites usually contain buggy code, debugging tools, and lower security than production, while also being a gateway into your environment and sometimes even contain customer data...

Security Tips

Security Tip: Use the Alpine.js CSP Build!

[Tip#68] If you use Alpine and a CSP on your app, you'll want to use the new CSP-friendly build to avoid needing `unsafe-eval` in your policies.

In Depth

In Depth: Introducing Random

[InDepth#22] Random generates cryptographically secure random values in a range of different formats through a simple helper package for PHP.

In Depth

In Depth: Securing Apps on Forge

[InDepth#21] I've had this question many times, so let me take you through the steps I follow when provisioning and securing apps on Forge.

In Depth

In Depth: Adding Rehashing to Laravel

[InDepth#20] It turns out Laravel was missing an important piece of it's Authentication system: password rehashing! Let's add that in and learn how the authentication system works in the process.

Newsletter

2 years of Securing Laravel / Laravel Security In Depth!

Thank you for subscribing and supporting Securing Laravel these past 2 years!

Newsletter

In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 2)

[InDepth#19] It's time to finish up the "Th1nk Lik3 a H4cker" walkthrough, looking at the rest of the challenges and the final hack from Laracon US!

In Depth

In Depth: "Th1nk Lik3 a H4cker" Walkthrough (part 1)

[InDepth#18] Let's take a walk through the first half of my "Th1nk Lik3 a H4cker" talk from Laracon EU & US. We'll explore the vulnerabilities behind each challenge and what I was trying to teach.

Newsletter

Don't forget about the special Laracon US 25% Discount!

Only a couple of days left to take advantage of the 25% off special!

Newsletter

Securing Laravel → Special Laracon US 25% Discount!

I'm on the plane headed to Laracon US, speaking on Thursday, which means it's time for my traditional "I'm speaking at Laracon" discount! 🥳