Download the PHP package leonardolima/laravel-security-check without Composer

On this page you can find all versions of the php package leonardolima/laravel-security-check. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-security-check

<img src="art/SecurityScan.png" alt="Laravel Security Check" />

Laravel Security Check

This project aims to provide tools and best practices to verify and improve the security of Laravel applications.

Features

✅ Check for insecure configurations

✅ Analyze file and directory permissions

✅ Debugbar and Telescope Make sure packages like barryvdh/laravel-debugbar and laravel/telescope are not enabled in production.

✅ APP_URL Check if APP_URL is correctly configured for the production domain.

✅ Queue and Cache Drivers Avoid using drivers like sync or file in production for QUEUE_CONNECTION and CACHE_DRIVER.

✅ Session Driver Avoid SESSION_DRIVER=file in production, prefer redis or database.

✅ Mail Driver Avoid MAIL_MAILER=log or MAIL_MAILER=array in production.

✅ Public Directories Make sure sensitive files (like .env, composer.lock, etc.) are not publicly accessible.

✅ Debug Mode Besides APP_DEBUG, make sure that there are no other debug modes active.

✅ Error Exposure Check that APP_DEBUG is false and that there are no custom handlers exposing stack traces.

How to use by cloning the repository

  1. Clone the repository:

  2. Install the dependencies:

  3. Run the security checks:

Using with Composer Install

  1. Install the package via Composer:

  2. After installation, you can run the security check command:

Requirements

Contribution

Contributions are welcome! Feel free to open issues or send pull requests.

License

This project is licensed under the MIT License.


All versions of laravel-security-check with dependencies

PHP Build Version
Package Version
Requires php Version ^8.0
illuminate/support Version ^9.0|^10.0|^11.0|^12.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package leonardolima/laravel-security-check contains the following files

Loading the files please wait ....