StackShield

StackShield + Laravel Envoyer: Post-Deployment Security Scans

Trigger StackShield security scans after every Envoyer deployment. Verify your Laravel app is secure before users hit the new release.

Deployment Last updated: March 2026

Laravel Envoyer provides zero-downtime deployments for your PHP applications, but it does not verify the security posture of the deployed code. By connecting StackShield to Envoyer via deployment hooks, you can trigger an automatic security scan after every deployment. This catches issues introduced by the new release, such as accidentally enabling debug mode, exposing new routes without proper authentication, or deploying with misconfigured security headers.

Features

  • Automatic security scan trigger after every Envoyer deployment completes
  • Deployment hook integration that fits into Envoyer existing notification workflow
  • Detect security regressions introduced by new releases before users encounter them
  • Combine with Envoyer health checks for a complete post-deployment verification process

Setup Guide

  1. 1

    Add Your Site to StackShield

    In your StackShield dashboard, add the production domain of your Envoyer-managed application as a monitored site.

  2. 2

    Copy Your StackShield Trigger URL

    Go to Settings, then API in your StackShield dashboard. Copy the scan trigger URL for your site. This is the URL that Envoyer will call after each deployment.

  3. 3

    Add a Deployment Hook in Envoyer

    In Envoyer, go to your project, then Deployment Hooks. Add a new "After" hook that runs after the deployment finishes. Use a cURL command to call your StackShield trigger URL with your API token in the Authorization header.

  4. 4

    Set Up Notifications

    Configure StackShield notification channels so your team is alerted if the post-deployment scan detects issues. Combine this with Envoyer own notification channels for complete deployment visibility.

Ideal Use Case

Envoyer users deploy frequently, often multiple times a day. Each deployment is a chance for a security regression to slip through. StackShield post-deployment scans act as an automated security reviewer that checks every release. This is particularly important for teams that deploy to multiple servers or environments through Envoyer, where a configuration difference between servers could leave one instance insecure even if others are fine.

Frequently Asked Questions

Does StackShield slow down my Envoyer deployments?

No. The deployment hook triggers a StackShield scan asynchronously after the deployment completes. The deployment itself is not blocked or slowed. Scan results are delivered via your configured notification channels.

Can I trigger scans for both staging and production Envoyer projects?

Yes. Add both environments as separate monitored sites in StackShield and configure deployment hooks in each Envoyer project. This lets you scan staging before promoting and production after deploying.

What happens if my deployment rolls back?

If Envoyer rolls back to a previous release, you can trigger another StackShield scan to verify the rolled-back version is secure. The scan results will reflect the state of whatever code is currently serving traffic.

Related Integrations

Deployment

Laravel Forge

Monitor the security posture of Laravel applications deployed with Forge. Catch misconfigurations that Forge does not check for.
Alerting

Slack

Get instant Slack notifications when StackShield detects security issues in your Laravel app. Channel-based alerts keep your entire team informed.
Alerting

Email

Receive email notifications and scheduled digests when StackShield finds security issues in your Laravel application. No extra tools required.

Try StackShield Free for 14 Days

Start monitoring your Laravel application security in minutes. No installation required.

Start Free Trial