In the world of PHP programming, the functions serialize() and unserialize() have long been relied upon for converting complex data structures into strings. They are great at performing the function they were designed to do: convert PHP objects into a string that can be stored in a database or file. These strings can then be…
Category: Web Security
Preventing Symfony Process From Passing Laravel Environment Variables
Recently when working on an internal tool using Laravel, we encountered an issue where calling artisan commands in another application was using the wrong environment variables. After debugging, we determined that this was default behavior of the Symfony process class. The Symfony process class for PHP is able to call system processes from within your…
Ensure Security with Forced SSL for WordPress Admin Logins
Requiring WordPress admins to log in through SSL (Secure Sockets Layer) helps prevent hackers from stealing passwords. But what exactly is SSL, and how do you force it for logins? Until 1995, data was sent across the internet in plain text. If someone ordered a product with their credit card, the account number and all…
How to Generate and Manage Strong Passwords
You’ve probably read a lot of advice on everything you need to do to have a secure password. Some common password recommendations include: It has to be at least 12 characters long. It should use uppercase letters, lowercase letters, numbers, and symbols. It’s not a password you’ve used before or elsewhere. Don’t use dictionary words…