Secure configurations for Laravel - The PHP Framework

This framework makes security simple to achieve. Of all the non-default settings, the few that follow can be set to achieve higher security.

Fortify session cookie security. 

'secure' => true,
'expire_on_close' => true,
'http_only' => true,
'same_site' => "strict",
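
One way to check a deployed configuration against the four values above, as an added example that is not part of the original post. The function name `auditSessionConfig` and the sample array are hypothetical and constructed for illustration.

```php
<?php
// Added example, not from the original post: audit a Laravel-style session
// config array against the four hardened values listed above.

function auditSessionConfig(array $session): array
{
    // Hardened values taken from the post.
    $expected = [
        'secure'          => true,
        'expire_on_close' => true,
        'http_only'       => true,
        'same_site'       => 'strict',
    ];

    $findings = [];
    foreach ($expected as $key => $want) {
        if (!array_key_exists($key, $session)) {
            $findings[] = "$key is not set (expected " . var_export($want, true) . ")";
            continue;
        }
        $have = $session[$key];
        // Strict comparison: a string such as "true" is not accepted in place
        // of the boolean; same_site is matched case-insensitively.
        $ok = is_bool($want)
            ? $have === $want
            : is_string($have) && strtolower($have) === $want;
        if (!$ok) {
            $findings[] = "$key is " . var_export($have, true)
                . " (expected " . var_export($want, true) . ")";
        }
    }
    return $findings;
}

// Constructed sample input: a weak configuration for demonstration only.
$weak = [
    'secure'          => false,
    'expire_on_close' => false,
    'http_only'       => true,
    'same_site'       => 'lax',
];

foreach (auditSessionConfig($weak) as $finding) {
    echo "[session] $finding\n";
}
```

Inside a Laravel application the same function can be given the live values with `auditSessionConfig(config('session'))`, for instance from a deployment check.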

Use env() calls for credentials. Do not use hard-coded values.


Unknown said…
It's good for full secure and Website Development has more secure than other framework
