Laravel Security: Top 7 Mistakes Developers Make

I often see the question: “Is Laravel secure?”, and in this video, let’s take a look at what the framework offers, and how developers use or misuse the security features.

00:00 Intro
00:37 Blade XSS Attack
02:34 Protect Your .env File
04:34 Don’t Use $request->all()
05:53 File Upload: Client Data
06:38 APP_DEBUG=true in Production
08:17 CSRF and Route::get()
09:54 Rate Limiting

Links mentioned in the video:
– Blade: Displaying Unescaped Data
– How to use Laravel .env and .env.example files?
– Danger of Using $request->all(), and How to Protect
– Uploaded File Information
– Configuration: Debug Mode
– Laravel .env.example: APP_XXX Values Explained
– CSRF Protection
– Routing: Rate Limiting
