Security

Symfony

Published on 2020-10-15 • Modified on 2020-10-15

In this post, we will see how to use an expression for disabling the security of a Symfony administration in the dev environment. We won't use an IP based test like the documentation explains, but we will use the application's environment instead.

subject Read the full post


Symfony

Published on 2019-12-22 • Modified on 2020-08-18

In this post, we will check all the Symfony best practices listed in the official documentation. For each one, I will say if I agree with it or not and why.

subject Read the full post


Symfony

Published on 2019-06-05 • Modified on 2019-06-05

In this post, we will see how to use the NotCompromisedPassword validator which was introduced in Symfony 4.3. This validator allows us to check if a given password was publicly exposed in a data breach and is therefore compromised. We will see how to use it manually and how to offer the ability to the user to test their password with this validation.

subject Read the full post


Symfony

Published on 2018-11-16 • Modified on 2020-10-17

In this post, we will see how to implement a fail2ban system for Symfony. It will log login failure attempts for a given IP and will prevent further tries once a critical threshold is reached. When happening, a customized error page will be displayed to the user. ⏹

subject Read the full post