StackShield + Laravel Forge: Security Monitoring for Forge-Deployed Apps
Monitor the security posture of Laravel applications deployed with Forge. Catch misconfigurations that Forge does not check for.
Laravel Forge makes server provisioning and deployment simple, but it does not monitor the security posture of your running application. StackShield fills that gap by continuously scanning your Forge-deployed Laravel applications from the outside, checking for exposed debug pages, leaked .env files, accessible Telescope or Horizon dashboards, missing security headers, and 20+ other checks. Forge handles the infrastructure; StackShield watches the application.
Features
- Automatic monitoring of all domains managed by your Forge servers
- Post-deployment scan triggers using Forge deployment hooks to check security after every deploy
- Detection of common Forge misconfigurations like exposed .env files or debug mode left enabled after deployment
- Complement Forge SSL management with security header checks, HSTS verification, and cookie security auditing
Setup Guide
1. Add Your Forge Site to StackShield
In your StackShield dashboard, add the domain of your Forge-managed site as a new monitored site. StackShield will begin scanning it on your configured schedule.
2. Set Up a Deployment Hook
In Forge, go to your site settings and add a deployment script line that triggers a StackShield scan. Use a cURL command that calls your StackShield trigger URL after each successful deployment.
3. Configure Notification Channels
Set up your preferred notification channels (Slack, email, or webhooks) in StackShield so your team is alerted when a post-deployment scan finds issues.
4. Review Your First Scan Results
After the initial scan completes, review the findings in your StackShield dashboard. Address any issues found, and subsequent scans will confirm they are resolved.
Ideal Use Case
Laravel Forge users benefit from StackShield because Forge focuses on provisioning and deployment, not runtime security monitoring. A common scenario is deploying a new feature that accidentally enables debug mode or exposes a dev tool endpoint. StackShield catches these issues immediately after deployment, before an attacker can exploit them. This is especially important for solo developers and small teams using Forge who do not have a dedicated security team reviewing every deployment.
Frequently Asked Questions
Does StackShield need access to my Forge account or server?
No. StackShield scans your application from the outside, just like an attacker would. It only needs the public URL of your site. The deployment hook is an optional enhancement that triggers scans after deploys.
What does StackShield check that Forge does not?
Forge manages server provisioning and SSL certificates but does not check your application for exposed debug pages, accessible .env files, Telescope or Horizon dashboards, missing security headers, open admin panels, or other application-level misconfigurations.
Can I use StackShield with Forge sites that use custom Nginx configurations?
Yes. StackShield scans your application over HTTP/HTTPS regardless of your Nginx configuration. In fact, custom Nginx configurations are one area where security headers can be misconfigured, making StackShield checks particularly valuable.
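A local version of the security header, HSTS and cookie checks mentioned above, for verifying a custom Nginx configuration yourself. This is an added example, not StackShield's code or its actual rule set; the function name, the finding messages and the sample responses are constructed for illustration.

```shell
#!/bin/sh
# Added example, not StackShield code. Prints one finding per line for the
# raw response headers passed as $1. The ( ) body keeps variables local.
header_findings() (
  h=$(printf '%s\n' "$1" | tr -d '\r')              # normalise CRLF endings
  lc=$(printf '%s\n' "$h" | tr '[:upper:]' '[:lower:]')
  has() { printf '%s\n' "$lc" | grep -Eq "$1"; }

  # HSTS must be present and carry a non-zero max-age.
  if ! has '^strict-transport-security:'; then
    echo "missing: Strict-Transport-Security"
  elif ! has '^strict-transport-security:.*max-age=0*[1-9]'; then
    echo "weak: HSTS max-age is 0 or absent"
  fi
  has '^x-content-type-options:[[:space:]]*nosniff' ||
    echo "missing: X-Content-Type-Options: nosniff"
  # Framing control: either X-Frame-Options or CSP frame-ancestors.
  has '^(x-frame-options:|content-security-policy:.*frame-ancestors)' ||
    echo "missing: X-Frame-Options or CSP frame-ancestors"

  # Cookie flags. Laravel's XSRF-TOKEN cookie is meant to be read by
  # JavaScript, so HttpOnly is not required for it.
  printf '%s\n' "$h" | grep -i '^set-cookie:' | sed 's/^[^:]*:[[:space:]]*//' |
  while IFS= read -r cookie; do
    name=${cookie%%=*}
    attrs=$(printf ';%s;\n' "$cookie" | cut -d';' -f3- |
            tr '[:upper:]' '[:lower:]' | tr -d ' ')
    flag() { printf '%s\n' "$attrs" | grep -Eq "(^|;)${1}[;=]"; }
    flag secure || echo "cookie $name: no Secure"
    [ "$name" = "XSRF-TOKEN" ] || flag httponly || echo "cookie $name: no HttpOnly"
    flag samesite || echo "cookie $name: no SameSite"
  done
  true
)

# Constructed sample responses (not captured from any real site).
SAMPLE_WEAK='HTTP/1.1 200 OK
Strict-Transport-Security: max-age=0
X-Frame-Options: SAMEORIGIN
Set-Cookie: XSRF-TOKEN=abc; path=/; secure; samesite=lax
Set-Cookie: laravel_session=def; path=/; httponly'
SAMPLE_OK="HTTP/2 200
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'self'; frame-ancestors 'none'
set-cookie: laravel_session=def; Path=/; Secure; HttpOnly; SameSite=Lax"

header_findings "$SAMPLE_WEAK"
```

On a site you operate, pass live headers instead of the samples with `header_findings "$(curl -sI https://your-site.example)"`, where the hostname is a placeholder.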
Related Integrations
Laravel Envoyer
Trigger StackShield security scans after every Envoyer deployment. Verify your Laravel app is secure before users hit the new release.
Slack
Get instant Slack notifications when StackShield detects security issues in your Laravel app. Channel-based alerts keep your entire team informed.
GitHub Actions
Run StackShield security scans as part of your GitHub Actions workflow. Catch misconfigurations before they reach production.