You may have noticed that the debugbar is enabled by default in Laravel. You want to disable it, but you don’t know how to do it, because there’s no such option in the Debug configuration file or console command line? Well, this tiny package will solve your problem!
How to disable the Laravel debugbar
Laravel 9 includes a new feature called debug bar. This lets you see various types of information about your application’s performance, including queries, Eloquent models and more. The problem is that it can be exploited by attackers to execute remote code if your php runtime has not been updated to include the latest security fixes (which is standard on many servers). It’s easy enough to work around this with one line in config/app.php: $env
Features of Laravel Debugbar
Laravel DebugBar is an excellent package for displaying information about the current request, with a clean and easy-to-navigate interface that does not clutter your view of the page. It includes many helpful features like a JSON viewer, an interactive XHR viewer with response code highlighting and more.
However, it is also an open security risk for many users because it generates sensitive information in plaintext which can be read by any user on your system running PHP’s built-in web server (including non-administrative users).
There are two ways to solve this problem: either by disabling debug bar in production environments, or by implementing strong permissions that restrict access to this file.
How to debug Laravel App using Laravel Debugbar
Laravel Debug Bar is a package that integrates PHP Debug Bar with Laravel. It includes a ServiceProvider to register the Laravel debugbar and attach it to the output. It bootstraps some Collectors to work with Laravel and implements a couple custom DataCollectors, specific for Laravel. One of these custom Collectors is an exploit checker, which will warn you if it detects an SQL injection vulnerability in your app’s code – something you should be on the lookout for! This package provides all of this functionality out-of-the-box, so you don’t have to do anything but install it in your project via Composer and take advantage of its features!
Usage
You can now add messages using the Facade (when added), using the PSR-3 levels (debug, info, notice, warning, error, critical, alert, emergency):
Debugbar::info($object); Debugbar::error('Error!'); Debugbar::warning('Watch out…'); Debugbar::addMessage('Another message', 'mylabel');
And start/stop timing:
Debugbar::startMeasure('render','Time for rendering'); Debugbar::stopMeasure('render'); Debugbar::addMeasure('now', LARAVEL_START, microtime(true)); Debugbar::measure('My long operation', function() { // Do something… });
Or log exceptions:
try { throw new Exception('foobar'); } catch (Exception $e) { Debugbar::addThrowable($e); }
There are also helper functions available for the most common calls:
// All arguments will be dumped as a debug message debug($var1, $someString, $intValue, $object); // `$collection->debug()` will return the collection and dump it as a debug message. Like `$collection->dump()` collect([$var1, $someString])->debug(); start_measure('render','Time for rendering'); stop_measure('render'); add_measure('now', LARAVEL_START, microtime(true)); measure('My long operation', function() { // Do something… });
What are the benefits of disabling the Laravel debugbar
Having an understanding of what a package does is necessary before installing it in your production environment. The easiest way to disable the Laravel debugbar is by using this package which will require you to add one line of code and register a ServiceProvider with Laravel. This package has been updated with new features that were previously unavailable on previous versions, such as disabling the laravel debugbar exploit and also not requiring any configuration files or adding any hidden files/directories.
How to re-enable the Laravel debugbar
Have you ever been left wondering how and why something happened? Maybe your site went down for no reason, or a customer service email went out in error. Wouldn’t it be great if there was an easy way to find out what happened? That’s where the Laravel Debug Bar comes in! The Debug Bar is a package created by Taylor Otwell that adds a bar of helpful information to the bottom of your page, telling you how long your server has been running, how many times each page has been called and much more! If you are worried about security exploits like the one found with older versions of Laravel 9 and 10, rest assured that this issue has now been fixed.