This package helps you quickly assess and improve the security settings of your PHP environment within a Laravel application. It checks essential security configurations and provides recommendations to enhance security by adjusting your php.ini file.
To include this package in your Laravel project:
composer require m-derakhshi/laravel-php-securityTo customize the view template, publish the package views:
php artisan vendor:publish --tag=views --provider="MDerakhshi\SecurityCheck\LaravelPHPSecurityServiceProvider"- Create a route and controller action for the security check. For example, you might use a
SecurityCheckController:
// In web.php
Route::get('/security-check', [SecurityCheckController::class, 'index']);- Create the controller to handle the package:
<?php
namespace App\Http\Controllers;
use MDerakhshi\SecurityCheck\LaravelPHPSecurityCheck;
class SecurityCheckController extends Controller
{
public function index(LaravelPHPSecurityCheck $securityCheck)
{
$result = $securityCheck->checkSettings();
return view('laravel-php-security-check::laravel-php-security-check', $result);
}
}Visit /security-check in your Laravel application to view the PHP security settings and recommended adjustments.
- PHP Extensions Check: Confirms essential extensions (like GD, intl, mbstring, etc.) are enabled.
- Security Settings Check: Validates critical PHP settings such as
register_argc_argv,display_errors,expose_php, and more. - Recommended php.ini Adjustments: Displays suggestions for modifying
php.inisettings to enhance security.
After publishing, the view files are located in resources/views/vendor/laravel-php-security-check/ and can be modified to adjust the display as needed.
This package is open-source software licensed under the MIT license.