Security Tips - Securing Laravel (Page 10)

Security Tips

[Tip #7] Always pass user input through a validator to ensure you only get the data you're expecting.

Security Tips

[Tip #6] Because sometimes being paranoid is a good thing.

Security Tips

[Tip #5] Don't forget to configure your cookies for to only work over HTTPS.

Security Tips

[Tip #4] We're following the theme of reminders for simple features that are easy to overlook with a reminder to use Parameterised Queries!

Security Tips

[Tip #3] Laravel's config files are great, but don't forget to put sensitive values (i.e. secrets, passwords, tokens, etc) in your .env file!

Security Tips

[Tip#2] Policy Filters let you implement shared authorisation checks across your entire policy without repeating code in every method.

Security Tips

[Tip#1] A simple but quite important tip, how to use a custom encryption key for encrypted casting within Models.

See all