Making sure Laravel's debug mode is always disabled in production original

Jan 22nd 2024 – ohdear.app

Recently, people started talking about a malware called “Androxgh0st” specifically targeting Laravel apps. In a recent edition of Securing Laravel, Stephen Rees-Carter wrote a good explanation of how it works.

The malware targets apps with APP_DEBUG set to true. When enabled, Laravel will give detailed error messages, and some security features will be disabled. In production, you always want this value to be set to false.

You can make sure it's always set to' false' using Oh Dear’s application monitoring feature. We can notify you whenever someone should set it to true. Let’s go through the steps required to set this up.

Read more [ohdear.app]

← Hosting Laravel application statically

What is a Command Bus? →

Share Post LinkedIn | Follow @freekmurze

Join 9,500+ smart developers

Every month I share what I learn from running Spatie, building Oh Dear, and maintaining 300+ open source packages. Practical takes on Laravel, PHP, and AI that you can actually use.

No spam. Unsubscribe anytime. You can also follow me on X.

Found something interesting to share? Submit a link to the community section.

I'm a Laravel developer at Spatie and Oh Dear. I maintain 300+ open source packages for the Laravel community.

Follow on X

Oh Dear monitors your entire website, so you don't have to. Uptime, SSL certificates, broken links, scheduled tasks, DNS, and more — all in one place.

Get instant notifications when something breaks, paired with a developer friendly API and thorough documentation.

Create a public status page in under a minute. Start your free trial.