Brut force or enumeration attack are not limited to login form. An easy way to fix this is to rate limit usage of your application. There are many solution out there to achieve that, in this post I show you how to do it with Symfony rate limiter component. I will also show you how to protect your server with long running task to avoid server overwhelming.

My first reminder of the blog: how to unban an IP that Fail2Ban wrongly banned. This happens to me a lot right now and I never remember the exact command line to reauthorize an IP.

There isn't an application that is really security proof and will not suffer to a data breach. Encryption of the data is a good approach to reduce data breach impact. In this post, I'm going to show you how to use encryption in PHP with real world case.

Have you ever thought about using the .my.cnf configuration file to make it easier to connect to your MySQL or MariaDB databases? This configuration is very useful when you have to manage several databases and / or several servers. I propose you a presentation of what we can do with it in this article.

Today, we use more and more external libraries in our projects. Though it saves us time, it is possible that we may introduce security vulnerabilities via these libraries. Controlling this is unfortunately not systematic, and particularly seldom automated. I'll show you in this post how to automate this control using SensioLabs' tool and Jenkins.

Most sites use cookies. Whether for tracking or persisting data, unfortunately good security practices are not always apply. In this article I will present the different options available in PHP and how to implement them with Symfony.