Collaborate Disseminate
I’m developing a platform that has 2 parts:
An API written using Laravel, that integrates with the database and provided data in a restful state.
Multiple fronts that connect to the API and perform different tasks.
Laravel suggests that … Continue reading What should I worry about when attaching a token to a request manually?
We are building a multitenancy web app with Laravel (+Blade), each user can create a store (tenancy), and have a control panel where they can edit the store settings and styling, to edit the store styling, we thought about letting the user… Continue reading Taking html, js, css input from the user
I was routinely checking up all my servers, I found a strange process with kthreaddk command running up and taking up all 100% CPU resources. After checking it out I found that www-data (default user for php-fpm) has shell access. so I had… Continue reading Cyptomining on my AWS VPS
I have a VPS with Ubuntu 18.04 and a project in Laravel. Two days ago on the website a Allowandgo.com popup is displayed.
I run sudo chkrootkit but it showed me that only files in /var folder are infected, but I read that is normal. I remo… Continue reading Allowandgo popup on Ubuntu server [closed]
I recently had a breach on my site (laravel), i got aware of it after i tried to pull the code from github and found out that some files were modified.
files modified were mostly storage – logs/cache and index.php had error_reporting(E_ALL… Continue reading Is there any way an attacker can access the server and modify the site (php) code?
I’m finding it really hard to find a solution to make secure requests via our API without a potential hacker being able to see sensitive secret information via Google Chrome dev tools (or any browser’s dev tools), as React tends to show ev… Continue reading How do I protect a Laravel backend API from hijacking/CSRF when there is a React frontend?
i have problem some one remove user access from database on server any time i add this user to database on go daddy server he removes it , i tried to change database name and make new user also removed after less than day ,i need to know t… Continue reading i have been hacked from someone register with script
the most bizarre thing happened, someone fount out the smtp mail driver credentials from a Laravel project, which are stored in the .env.
The credentials are used for a contact form. The .env was in production and the debug was set to fal… Continue reading Security breach from contact form in Laravel 5.8.36?
I am using laravel on shared hosting.
Under my domain in my folder is the laravel app.
Now I see online that many people do weird stuff with the laravel public folder, they either move it to a different location or create a sys link, but w… Continue reading Laravel | Why create a public_html folder and link/move it?
In June, 1995, Rasmus Lerdorf made an announcement on a Usenet group. You can still read it.
Announcing the Personal Home Page Tools (PHP Tools) version 1.0.
These tools are a set of small tight cgi binaries written in C.
Today, twenty five years on, PHP is about as ubiquitous …read more
Continue reading Does PHP Have A Future, Or Are Twenty Five Years Enough?