secure configurations for Laravel - The PHP Framework
This framework is makes security simple to achieve. Out of all non-default settings, the little following can be set to achieve higher security settings. Fortify session cookie security. config/session.php 'secure' => true, 'expire_on_close' => true, 'http_only' => true, 'same_site' => "strict", Use env call to credentials. Do not use hard-coded values. /config/database.php