A comprehensive talk on server administration and security for Laravel developers, covering essential concepts of server management, security best practices, and process supervision. The speaker discusses setting up secure user access, configuring firewalls, managing permissions, and understanding process supervision with systemd and supervisor.
This talk covers multi-tenancy in Laravel applications, discussing different approaches like single vs multi-database setups. The speaker explains how to handle database segmentation, file storage, search functionality, and domain strategies for multi-tenant apps. The presentation includes practical examples of implementing tenant scopes, handling migrations, and managing external services in a multi-tenant environment.
An interactive security demonstration where the speaker guides the audience through various security vulnerabilities in Laravel applications. The talk showcases common security issues like password brute forcing, insecure direct object references, cross-site scripting through markdown, and environment file exposure. The audience participates by attempting to hack a live demo application using their phones while learning about security best practices and common pitfalls.
A technical deep dive into Laravel Livewire best practices and advanced concepts by Foil, focusing on performance optimization, security considerations, and database architecture. The talk covers strategies for improving Livewire component performance, implementing optimistic UIs, handling database replication for global applications, and securing public properties in Livewire components.
This talk by Esther Co discusses the ethics and practicalities of whistleblowing in technology, particularly focusing on responsible disclosure of security vulnerabilities. She presents the '3 Ds' framework (Discovery, Debate, Disclosure) and discusses legal implications, ethical considerations, and best practices for reporting security issues. The talk includes case studies like the Ashley Madison hack and DigiNotar incident to illustrate different approaches to disclosure.
A talk about backup best practices and the Laravel Backup package. The speaker discusses the importance of not relying solely on hosting provider backups, demonstrates the Laravel Backup package's features including automated backups to multiple destinations, cleanup of old backups, and monitoring/notifications. He shares real-world backup horror stories and provides practical advice for implementing backup strategies in small teams without dedicated DevOps resources.
This talk focuses on simplifying API authentication using JSON Web Tokens (JWT). The speaker shares his journey from using database-stored tokens to implementing JWT, explaining the structure, security considerations, and best practices. He introduces his PHP library for JWT implementation and demonstrates how it handles token creation, validation, and various use cases like blacklisting and whitelisting tokens.
A talk about the evolution and challenges of software development, focusing on how developers and system administrators have lost their 'childhood innocence' through increasing complexity. The speaker uses the Equifax data breach as a case study to illustrate security failures and discusses how modern DevOps practices and tools can help restore simplicity to development workflows.
A comprehensive talk about using Docker for PHP/Laravel development, covering how to properly configure development environments using Docker containers. The speaker demonstrates how to set up Docker files, use Docker Compose for orchestration, and implement best practices for container development including caching strategies and security considerations.
A thought-provoking talk about the responsibilities developers have regarding data privacy and security in the modern age. The speaker emphasizes how we've become too casual with handling user data, discusses the implications of permanent digital footprints, and provides practical advice for better data stewardship, including implementing proper protocols, checklists, and access controls.
A practical talk focused on Linux system administration and debugging tools for PHP developers. The speaker covers essential Linux concepts and demonstrates powerful troubleshooting techniques using tools like strace, lsof, and PHP-FPM access logs. The talk emphasizes understanding server-side debugging beyond just PHP code, including sessions, file locking, and I/O monitoring.
A security-focused talk by a CTO from Helsinki discussing practical hacking techniques and defensive strategies in Laravel applications. The speaker demonstrates SQL injection attacks using sqlmap, object injection vulnerabilities through PHP stream wrappers and serialization, and privilege escalation risks when running Laravel scheduler as root. The talk emphasizes the importance of proper validation, keeping software updated, and understanding security as an ongoing process rather than a one-time task.
Chris Brown, a Laravel package maintainer and developer, gives a comprehensive talk about Laravel's authorization system, covering the differences between authentication and authorization, how to implement authorization using Laravel's Gate and Policy features, and best practices for handling permissions in Laravel applications. He discusses both built-in Laravel authorization capabilities and popular third-party packages.
A talk focused on secrets management and security in web applications, particularly emphasizing the business impact of poor security practices. The speaker discusses the risks of storing credentials in clear text, the costs of data breaches, and presents HashiCorp Vault and AWS Secrets Manager as solutions for secure secrets management.
A comprehensive talk about CSRF (Cross-Site Request Forgery) attacks and Same-Site Cookies in Laravel applications. The speaker explains how CSRF attacks work, demonstrates different Same-Site Cookie attributes (Strict, Lax, None), and discusses how Laravel implements Same-Site Cookie protection. The talk includes live demonstrations and explains why CSRF protection remains important despite new browser security features.
Taylor Otwell presents upcoming features in Laravel 11, focusing on a simplified application structure with reduced boilerplate files and improved developer experience. He also announces Laravel Herd Pro with debugging features, Herd for Windows, and Laravel Reverb - a new websocket server. The talk emphasizes Laravel's continued evolution toward a more streamlined, modern framework while maintaining backward compatibility.
A comprehensive talk about the importance of application logging in Laravel and general software development. The speaker discusses why logs are critical for debugging and monitoring applications, best practices for implementing logging, and demonstrates practical logging implementation using Laravel with services like Log Entries and Google Cloud Run.
This talk discusses approaches to securing data and communications in software-as-a-service applications, particularly focusing on end-to-end encryption, zero-knowledge systems, and practical ways to protect user data. The speaker uses a banking/financial data example to illustrate concepts around encrypting sensitive information while still maintaining service functionality. The talk concludes with practical advice for incrementally improving data security in applications.
Sam, CTO of CustomD, presents a talk on encryption and data privacy in Laravel applications. He introduces their open-source library 'eloquent-model-encrypt' which implements hybrid encryption (combining symmetric and asymmetric encryption) to securely protect user data while maintaining granular access control. The library helps developers implement proper encryption practices without dealing with the complex cryptographic details directly.