Watch Youtube Video (HINDI) :
Laravel is PHP open source PHP framework used to build web applications and server-side scripts, However, on the developing side, that framework can not say perfectly that secure your web application 100% from hackers and security matters. You need to step forward toward a more secure application, However, this framework tries to improve each version more force security to save the site from the hackers.
This is common that hackers each time find your site linkages and then your data and important key matter. Unsafe developing sites are also vulnerable to the data and security of tokens, keys, and csrf form.
So in this post, I would like to tell you in your laravel application safe .env from the hackers and server errors debug mode false tips trick.
Secure Data
App debugs false will hide your server error from the hackers in case you get any server errors. It will not show you error logs. So it is hard to know what to wrong with the server.
So hackers won't know the error longs and not be able to go deeper.
.envAPP_DEBUG=false
Add Blacklist
Add the below code to your app.php file that will hide you Cookies, Server, Env from the browsers and logs.
config/app.php
'debug_blacklist' => [ '_COOKIE' => array_keys($_COOKIE), '_SERVER' => array_keys($_SERVER), '_ENV' => array_keys($_ENV), ],
This script will help you to hide your debug console from hackers.
.htaccess
As we very well know that laravel project we set all the credentials in the .env file so this is more important to hide the .env file.
The below script will hide .env the file it accessing http://localhost:8000/.env. So it is not able to open the file..
Secure .env
# Disable Directory listing Options -Indexes # block files which needs to be hidden // in here specify .example extension of the file <Files ~ "\.(env|json|config.js|md|gitignore|gitattributes|lock|example)$"> Order allow,deny Deny from all </Files> # in here specify full file name sperator '|' <Files ~ "(artisan)$"> Order allow,deny Deny from all </Files>
We always thanks to you for reading our blogs.
Dharmesh Chauhan
(Swapinfoway Founder)Hello Sir, We are brothers origin from Gujarat India, Fullstack developers working together since 2016. We have lots of skills in web development in different technologies here I mention PHP, Laravel, Javascript, Vuejs, Ajax, API, Payment Gateway Integration, Database, HTML5, CSS3, and Server Administration. So you need our service Please Contact Us
Haresh Chauhan
(Co-Founder)We Are Also Recommending You :
- Force Redirect to www From Non-www Using htaccess In Laravel
- Laravel 10 Forum Integration Tutorial Example
- Laravel Logs Viewer Integration
- How to Generate PDF File Using DomPDF In Laravel 9 Example
- Create Custom Route File With New Service Provider Laravel 8 9
- Laravel 10 Sanctum API Authentication Tutorial Example
- Laravel 10 Create Custom Helper Function Example
- Laravel JSON Data Search/Filter From Database Example
- Laravel Eloquent Parent Child In Same Table With Example
- How To Clone Laravel