We follow the security practices used by major organizations in the industry and provide the best possible security features for the system we are implementing, because we recognize the importance of data.
We use the latest Laravel technology, which uses “providers” and “guards” to handle the authentication process. Guards authenticate users on each request they make, while providers retrieve users from the database.
To store passwords, we use Laravel’s “Hash” class, which provides secure Bcrypt hashing.
CSRF Protection – Cross-site request forgery (CSRF) −
SQL injection −
A SQL injection vulnerability exists when an application inserts arbitrary, unfiltered user input into an SQL query. By default, Laravel protects you against this type of attack, since both the query builder and Eloquent use the PHP Data Objects (PDO) class behind the scenes. PDO uses prepared statements, which allow you to safely pass any parameters without having to escape and sanitize them.
Laravel’s Eloquent ORM uses PDO binding, which protects against SQL injection. This feature ensures that no client can modify the intent of the SQL queries.
Cookies – Secure by default − Laravel makes it very easy to create, read, and expire cookies with its Cookie class. In Laravel, all cookies are automatically signed and encrypted. This means that if they are tampered with, Laravel will automatically discard them. This also
SSL CERTIFICATION – Forcing HTTPS when exchanging sensitive data − HTTPS prevents attackers on the same network from intercepting private information such as session variables and logging in as the victim.