Collaborate Disseminate
I need to implement end to end encryption between front (reactjs) and back (laravel). What I try to do is encrypt data in front using package cryptojs, send it using axios to backend, in the backend I try to decrypt data using built-in fun… Continue reading Implementing end to end encryption (react js , laravel) [migrated]
We are using Amazon SES (Simple Main Service) with Cpanel (Exim, Laraval, and PHP). Yesterday thousands of spam emails were sent from our main email info@ourdomain.com. cPHulk Brute Force Protection was enabled and we changed the email pas… Continue reading Spam emails sent from our main domain email
We discuss some of the best database tools for DevOps developers and DevOps engineers. Learn DevOps database software. Continue reading 3 Best Database DevOps Tools for 2023
I have a Laravel registration form with the invisible google recaptcha v2 installed with the security set to highest level within the recaptcha admin console – code as follows:
<div>
<div class="js-recaptcha-holder">… Continue reading Automated bot/spammer bypassing google recaptcha v2
I have found an issue in a laravel site; its .env file is public. I need a way to decode and decrypt the jwt session cookie used by default in laravel using the app key found in .env file.
I don’t know PHP at all. Is there an online tool l… Continue reading How to decode laravel cookie using app_key
I’m working on an assignment that I’m not sure how to approach. I have to emulate a network-attached storage server (NAS) with a possibly compromised server. In practice, I’m creating a local Laravel website to demonstrate security feature… Continue reading Transmission and storage of data on a compromised server
So I was testing my application for some vulerabilities and found one that I missed:
<input class="hidden" type="hidden" name="event_id" value="{{$event->id)}}">
this puts the ID of the cur… Continue reading Hidden Input prevent value changing – Laravel
We built a lot of WordPress and Laravel websites. For security scans we use free tools. Most vulnerability scanners also paid will not find much.
We just scan vulnerabilities & custom code. What are your best practices?
Continue reading Best practice finding vulnerabilities in WordPress and Laravel websites [closed]
I was loading my sites front end and watching the responses in burpsuite when I noticed a response which contained a very verbose sql error
"message": "SQLSTATE[22P02]: Invalid text representation: 7 ERROR: invalid inpu… Continue reading SQL Injection detected
My website built upon Laravel is currently under attack.
Only the index.php file was changed, and by that I mean that every line of code is inserted above the original Laravel code. So this code executes before the legitimate Laravel code…. Continue reading How to secure Laravel website against the ongoing massive exploitation