practicallaravelsecurity.com

.com crawl

First seen 2026-04-11 · Last seen 2026-05-19 · ok HTTP/1.1 200 2021 ms crawled 2026-05-18

US · 172.67.138.196 · AS13335 Cloudflare, Inc.

Reputation 94/100 dmarc monitor-only

Classifying

HTML metadata

Title: Practical Laravel Security - Secure Your Laravel Apps
Description: A hands-on practical Laravel Security course that uses interactive hacking exercises to teach you how to keep your applications secure. Because learning security doesn't have to be boring!
Language: en
Canonical: https://practicallaravelsecurity.com/

Open Graph

url: https://practicallaravelsecurity.com/
title: Practical Laravel Security - Secure Your Laravel Apps
description: A hands-on practical Laravel Security course that uses interactive hacking exercises to teach you how to keep your applications secure. Because learning security doesn't have to be boring!

Technology

CDN: Cloudflare

Analytics

Fathom

Third-party hosts loaded (2)

cdn.usefathom.com×1
practical-laravel-security.ck.page×1

Social

Registration

Registrar

Synergy Wholesale Accreditations Pty Ltd

Created

2022-11-07

Expires

2026-11-07 171 days left

Updated

2025-10-23

Name servers

algin.ns.cloudflare.com
jamie.ns.cloudflare.com

DNS records live

NS

algin.ns.cloudflare.com
jamie.ns.cloudflare.com

MX

10 in1-smtp.messagingengine.com
20 in2-smtp.messagingengine.com

TXT

google-site-verification=vnooqOFX4r5gR4DNiFy-uGpu_w2Ts3wR1_S-3mJX9v8

Email authentication partial

SPF: v=spf1 include:spf.messagingengine.com ?all
neutral (?all)
DMARC: v=DMARC1; p=none;
policy: none (monitoring only)
DKIM: no key found at common selectors

Certificate (current)

WE1

from 2026-04-03 to 2026-07-02

Expires in 43 days

Full certificate history on crt.sh ↗

HTTP security headers

Header hygiene 80/100 Checked live page: https://practicallaravelsecurity.com/

present

strict-transport-security
content-security-policy-report-only
x-frame-options
x-content-type-options
referrer-policy
permissions-policy

findings

missing Content Security Policy

Header values

referrer-policy: no-referrer-when-downgrade
x-frame-options: SAMEORIGIN
permissions-policy: accelerometer=(), autoplay=(), camera=(), cross-origin-isolated=(), display-capture=(), encrypted-media=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy-report-only: default-src 'none'; script-src 'self' cdn.usefathom.com f.convertkit.com getsendstack.com practical-laravel-security.ck.page; style-src 'self' 'unsafe-inline'; img-src 'self' data: cdn.usefathom.com; connect-src app.convertkit.com app.kit.com; frame-ancestors 'none'; form-action 'none'; manifest-src 'self'; report-uri https://valorin.report-uri.com/r/d/csp/reportOnly