by Devin Yang
(This article was automatically translated.)

Published - 2 years ago ( Updated - 2 years ago )

Laravel's debugging mode is quite rich. Laravel's official website has a reminder that you can set APP_DEBUG to true for local development, but in the production environment, this value must always be False.

Although you can use php artisan down The way to enter the maintenance mode, plus the secret can be accessed.

artisan down --secret=NWQwODZhNTM0ODY5Zjc1MDdkMWI4NzIy

Then use the URL to open and add the set secret
https://yourserver.example/NWQwODZhNTM0ODY5Zjc1MDdkMWI4NzIy

But if you are developing something, you need an external network environment, such as a BOT webhook, How to tell it🥺, at least you must be able to lock an external network IP.
My current approach is to adjust config/app.php, so that I can decide whether to start the DEBUG mode through the external network.

/*
    |--------------------------------------------------------------------------
    | Application Debug Mode
    |--------------------------------------------------------------------------
    |
    | When your application is in debug mode, detailed error messages with
    | stack traces will be shown on every error that occurs within your
    | application. If disabled, a simple generic error page is shown.
    |
    */

    //'debug' => (bool) env('APP_DEBUG', false),
   'debug' => env('APP_DEBUG', ($_SERVER[env("PROXY_REAL_IP","REMOTE_ADDR")]??"null") == env('APP_CAN_DEBUG','') ? true : false),

In the above setting, we can change the APP_DEBUG of .env to APP_CAN_DEBUG=my external network IP.
If necessary, add PROXY_REAL_IP to define the real IP that the host or container can obtain.

In this way, as long as you need to make relevant settings in .env, you can enter Debug mode with peace of mind.
When not in use, adjust APP_CAN_DEBUG in .env to false to lock it.

#APP_CAN_DEBUG=false
PROXY_REAL_IP=HTTP_X_REAL_IP
APP_CAN_DEBUG=111.248.117.140

PROXY_REAL_IP is used to set the real IP of the Proxy in the header, which can be set according to your own environment.
Like HTTP_X_FORWARDED_FOR or HTTP_X_REAL_IP etc.
 

We can write a simple Route and use phpinfo to check our external network IP and the header name of $_SERVER to confirm whether there is any setting error.

Route::get('/myphpinfo', function(){
    phpinfo();
});

Tags: laravel Laravel security

Devin Yang

Feel free to ask me, if you don't get it.:)

No Comment

Post your comment

Login is required to leave comments

Similar Stories


dlaravel

How to set the external network IP to the Project on D-Laravel?

This video introduces how we assign Public Ip (public IP) to a specific Project in the D-Laravel environment. Whether it is the setting of the external production environment or the demo of your own project on the intranet, you can refer to the setting method of this video. In the video, although I used the external network IP of PPPoE dial-up to illustrate, we can also use the local network IP on our own computer if we change it. In this way, colleagues can connect to our D-Laravel Project.

laravel

Laravel 5.6 has those new changes

Laravel 5.6 is scheduled to be released in February 2018, what changes? Let's see. (Argon2i Password Hashing Algorithm) ​​​​​​​​Argon2 provides the following three versions: 1. In Laravel 5.6, Argon2i password hashing algorithm will be supported. (Argon2i Password Hashing Algorithm) 2. Argon2d resists GPU cracking attacks to the greatest extent. 3. Argon2i is optimized to resist side-channel attacks. Third, Argon2id is a hybrid version. It follows the Argon2i method for the first pass, and then uses the Argon2d method for subsequent passes. It doesn't matter if you don't understand it, I don't understand it anyway, the point is, it's safe to be sure anyway.This is the Open Cryptography Contest (PHC) on July 20, 2015

docker, tinkerwell, tinker, laravel

Application of Tinkerwell and docker environment

In fact, I don't use Tinkerwell recently because it keeps costing me money to update. If you want to test the direct ssh host, it’s done, isn’t it?