Showing posts from September, 2018

secure configurations for Laravel - The PHP Framework

This framework is makes security simple to achieve.  Out of all non-default settings, the little following can be set to achieve higher security settings.

Fortify session cookie security. 

'secure' => true,
'expire_on_close' => true,
'http_only' => true,
'same_site' => "strict",

Use env call to credentials. Do not use hard-coded values.