Why does Laravel Ignition Exposure matter for Laravel security?

Failing to address laravel ignition exposure can leave your Laravel application vulnerable to attacks. StackShield continuously monitors for this issue so you can catch it before attackers do.

How do I fix a Laravel Ignition Exposure issue?

This is rated as an easy fix, typically taking 5 minutes. See the full documentation above for step-by-step instructions.

How to Fix Laravel Ignition Exposure in Production

What This Check Detects

Checks if Laravel Ignition error page is exposed in production.

Full Documentation

What is Ignition?

Ignition is Laravel's beautiful error page showing detailed stack traces and debugging information. It should never be accessible in production as it exposes critical application details.

Security Impact

Severity: Critical

Complete application structure exposure
Environment variables visible
Database queries revealed
File paths disclosed
Dependency information exposed

How to Fix

1. Disable Debug Mode

APP_DEBUG=false
APP_ENV=production

2. Clear Configuration Cache

php artisan config:clear
php artisan config:cache

3. Restrict Ignition in Production

// config/ignition.php
'enable_share_button' => env('APP_DEBUG', false),
'enable_runnable_solutions' => env('APP_DEBUG', false),

4. Remove from Production (Optional)

composer remove spatie/laravel-ignition --dev

Or conditional loading:

{
    "require-dev": {
        "spatie/laravel-ignition": "^2.0"
    }
}

Verification Steps

Set APP_DEBUG=false
Trigger an error
Verify generic error page is shown
Confirm no stack trace visible
Check Ignition is not accessible

Related Issues

Laravel Debug Mode
Telescope Exposure
Exposed .env Files

Related Security Checks

Laravel Telescope Exposure

Checks if Laravel Telescope debugging tool is exposed in production.

Easy fix 10 minutes

Laravel Debug Mode

Checks if Laravel debug mode is enabled in production.

Easy fix 5 minutes