How to Solve Facade\Ignition\Http\Middleware\IgnitionEnabled?

Question

----------------------------------------------------------------------------------+
| Domain | Method   | URI                        | Name             | Action                                                                 | Middleware
                                                                                  |
+--------+----------+----------------------------+------------------+------------------------------------------------------------------------+--------------------------------------------------
----------------------------------------------------------------------------------+
|        | GET|HEAD | /                          |                  | Closure                                                                | web
                                                                                  |
|        | POST     | _ignition/execute-solution |                  | Facade\Ignition\Http\Controllers\ExecuteSolutionController             | Facade\Ignition\Http\Middleware\IgnitionEnabled,F
acade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableRunnableSolutions |
|        | GET|HEAD | _ignition/health-check     |                  | Facade\Ignition\Http\Controllers\HealthCheckController                 | Facade\Ignition\Http\Middleware\IgnitionEnabled
                                                                                  |
|        | GET|HEAD | _ignition/scripts/{script} |                  | Facade\Ignition\Http\Controllers\ScriptController                      | Facade\Ignition\Http\Middleware\IgnitionEnabled
                                                                                  |
|        | POST     | _ignition/share-report     |                  | Facade\Ignition\Http\Controllers\ShareReportController                 | Facade\Ignition\Http\Middleware\IgnitionEnabled,F
acade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableShareButton       |
|        | GET|HEAD | _ignition/styles/{style}   |                  | Facade\Ignition\Http\Controllers\StyleController                       | Facade\Ignition\Http\Middleware\IgnitionEnabled

Answer 1

If you have a lot of POST request /_ignition/execute-solution in your production server by a random attacker and you notice that request call to the following controller and middlewares:

Controller  Facade\Ignition\Http\Controllers\ExecuteSolutionController
Middleware  Facade\Ignition\Http\Middleware\IgnitionEnabled, Facade\Ignition\Http\Middleware\IgnitionConfigValueEnabled:enableRunnableSolutions

you have to set APP_DEBUG to false in your .env file instead of removing the Facade/Ignition package.

Answer 2

It's not a problem to solve, these are the routes of the new debugging package for Laravel 6 called Facade/Ignition

They are required so Laravel can show you errors when they occur

So just ignore them

However, if you want to remove these routes (which is not recommended), you can remove this line from composer.json

 "require-dev": {
        "facade/ignition": "^1.4", <--- Remove this one
        "fzaninotto/faker": "^1.4",
        "mockery/mockery": "^1.0",
        "nunomaduro/collision": "^3.0",
        "phpunit/phpunit": "^8.0"
    },

And run

composer update

But then you wouldn't see custom error pages but the default PHP7 errors table and stack trace.

You can still get the old package filp/whoops by installing it

composer require filp/whoops

Answer 3

Up to date solution for this problem:

1. Update facade/ignition:

composer update facade/ignition

2. If you don't have config/ignition.php then run:

php artisan vendor:publish --tag=ignition-config

3. Then make this edition:

'enable_runnable_solutions' => false,