Recently when working on an internal tool using Laravel, we encountered an issue where calling artisan commands in another application was using the wrong environment variables. After debugging, we determined that this was default behavior of the Symfony process class. The Symfony process class for PHP is able to call system processes from within your…
Category: Web Security
Ensure Security with Forced SSL for WordPress Admin Logins
Requiring WordPress admins to log in through SSL (Secure Sockets Layer) helps prevent hackers from stealing passwords. But what exactly is SSL, and how do you force it for logins? Until 1995, data was sent across the internet in plain text. If someone ordered a product with their credit card, the account number and all…
How to Generate and Manage Strong Passwords
You’ve probably read a lot of advice on everything you need to do to have a secure password. Some common password recommendations include: It has to be at least 12 characters long. It should use uppercase letters, lowercase letters, numbers, and symbols. It’s not a password you’ve used before or elsewhere. Don’t use dictionary words…
Protect Your WordPress Website From Brute Force Attacks
In the classic movie WarGames, the main character programs his computer to guess the passwords of other computers randomly through his modem. This rather crude method of guessing passwords is called a brute force attack and is not uncommon for today’s WordPress sites. While an inelegant and old-fashioned way to attempt to breach other computers,…