Security

Enlightn has 49 automated security checks (including 28 Enlightn Pro checks).

🔒 Basic Security

• Make sure your .env file is not publicly accessible
• Turn Off App Debug In Production
• Hide Sensitive Debug Variables
• Generate Your App Key
• CSRF Protection
• Secure PHP Configuration
• Set Safe File and Directory Permissions
• Login Throttling
• Hashing Strength
• Your Code Shouldn't Contain Debug Statements PRO
• Your Code Shouldn't Contain Hard Coded Credentials PRO

🍪 Cookie Security and Session Management

• Cookie Encryption
• Cookie HttpOnly Attribute
• Cookie Domain Attribute PRO
• Cookie SameSite Attribute PRO
• Cookie Secure Attribute PRO
• Session Timeout PRO

🃏 Mass Assignment

• Fillable Foreign Key
• Mass Assignment
• Unguarded Models

☢️ SQL Injection Attacks

• Column Name SQL Injection PRO
• Raw Queries SQL Injection PRO
• Native SQL Injection PRO
• Validation Rule SQL Injection PRO

📜 Security Headers

• Cross Site Scripting
• HSTS Header
• Clickjacking PRO
• Mime Sniffing PRO
• Web Server Fingerprinting PRO

📁 Unrestricted File Uploads and DOS Attacks

• Arbitrary File Uploads PRO
• Directory Traversal PRO
• Regex DOS Attacks PRO
• Storage DOS Attacks PRO
• Unrestricted File Uploads PRO
• ZIP and XML File Bombs PRO

💉 Injection and Phishing Attacks

• Command Injection PRO
• Host Injection PRO
• Object Injection PRO
• Eval Code Injection PRO
• Extract Variable Hijacking PRO
• Open Redirection PRO

📦 Dependency Management

• Licensing
• Backend Vulnerable Dependencies
• Frontend Vulnerable Dependencies
• Stable Dependencies
• Up To Date Dependencies
• Horizon Security PRO
• Telescope Security PRO
• Nova Security PRO