Farewell, NullLogger. You have served me well, but with PHP's nullsafe operator, I don't need you anymore.
🔥 Laravel Tip #11: To minimize the risk of remote code execution (RCE) and cross-site scripting (XSS), it is a good practice to disable the "allow_url_fopen" and "allow_url_include" php configuration settings in your php.ini file. Learn more: https://t.co/HJNP2GcAfi
🔥 Laravel Tip #13: If you have free RAM wasting away on your web server, one simple yet powerful technique to increase performance is to increase your PHP FPM max child processes.
🔥 Laravel Tip #23: Consider switching your app to HTTPS only. It's more secure, more credible (with the lock/secure sign) and better for SEO! All you need to do is setup the certificate, change your app URL, redirect HTTP traffic to HTTPS and configure HTTPS only cookies.
🔥 Laravel Tip #29: If your application is on HTTPS, make sure it supports HTTP/2 for better performance with request/response multiplexing, header compression and faster TLS handshakes. You can check if your app supports HTTP/2 using Curl. Learn more: https://t.co/P0YzVKBZjk
🔥 Laravel Tip #32: Did you know that the first step of a hack attack is reconnaissance? Make sure that your web server does not expose its version number or operating system. The more info you expose, the easier it is to exploit. Learn more: https://t.co/OgPmE0SEQC
🔥 Laravel Tip #31: As a good security measure, make sure that you have security headers configured either at the web server level or at the app level. They're incredibly powerful and protect against a wide range of attacks. Learn more: https://t.co/53UvSNnJ36
🔥 Laravel Tip #28: Make sure your application isn't vulnerable to host injection attacks. Try injecting the "X-Forwarded-Host" and the "Host" header using Curl, and check if the response contains headers or URLs with the injected host. Learn more: https://t.co/WiOLATkERH