Posts

Showing posts from September, 2018

secure configurations for Laravel - The PHP Framework

This framework is makes security simple to achieve.  Out of all non-default settings, the little following can be set to achieve higher security settings. Fortify session cookie security.  config/session.php 'secure' => true, 'expire_on_close' => true, 'http_only' => true, 'same_site' => "strict", Use env call to credentials. Do not use hard-coded values.  /config/database.php