This document outlines the security approach we implement when developing platforms. Security is built in from day one, not added later. Every platform is designed to be secure by default, enabling users to operate with confidence while we handle the complexity behind the scenes.
We implement passwordless login to remove the risks associated with traditional passwords.
This plan outlines the steps for an AI to implement a passwordless "magic link" authentication system in a Laravel application, replacing traditional password-based login.
LoginToken Migration:
login_tokens.Passwordless login removes the need for passwords entirely. Instead of remembering credentials, users log in using a secure, time-limited link sent to their email.
This improves both usability and security by removing one of the most common causes of breaches: weak or reused passwords.
You likely found this page because the following obfuscated PHP code appeared somewhere inside your website after a compromise.
I encountered this exact payload inside a Laravel application where it
had been written to storage/maintenance.php. Once present, it began
generating large numbers of fake pages designed for search engines.
This repository/gist contains a cleaned and readable version of the code
| document.addEventListener('click', (event) => { | |
| const link = event.target.closest('a'); | |
| if (!link) return; | |
| // Modified clicks (new tab, etc) | |
| if (event.metaKey || event.ctrlKey || event.shiftKey || event.altKey) return; | |
| // Already handled by Livewire | |
| if (link.hasAttribute('wire:navigate')) return; |
| <?php | |
| namespace App\Console\Commands; | |
| use Illuminate\Console\Command; | |
| class DbExportCommand extends Command | |
| { | |
| /** | |
| * The name and signature of the console command. |
| <div class="fixed bottom-0 left-0 z-9999 p-2 text-xs font-mono bg-black text-white"> | |
| <div class="block sm:hidden">BASE</div> | |
| <div class="hidden sm:block md:hidden">SM</div> | |
| <div class="hidden md:block lg:hidden">MD</div> | |
| <div class="hidden lg:block xl:hidden">LG</div> | |
| <div class="hidden xl:block 2xl:hidden">XL</div> | |
| <div class="hidden 2xl:block">2XL</div> | |
| </div> |
| mkdir -p /root/docker/wireguard | |
| docker run -d \ | |
| --name=wg-easy \ | |
| -e WG_HOST=<public_ip> \ | |
| -e PASSWORD=<password> \ | |
| -v /root/docker/wireguard:/etc/wireguard \ | |
| -p 51820:51820/udp \ | |
| -p 51821:51821/tcp \ | |
| --cap-add=NET_ADMIN \ | |
| --cap-add=SYS_MODULE \ |
I needed to back up a large S3-compatible bucket on a small VPS without running out of memory.
While tools like s5cmd sync work very well in many cases, they can struggle with extremely large buckets when memory is limited. I wanted something that:
| #!/usr/bin/env bash | |
| # sshh - Royal TSX launcher wrapper | |
| set -euo pipefail | |
| port="" | |
| target="" | |
| # Parse args | |
| while [ "$#" -gt 0 ]; do |