Prevent from Brute-force attack In Laravel 7, Illuminate\Foundation\Auth\ThrottlesLogins is already there in LoginController which is used to prevent brute-force attack. Route::post(‘login’, ‘Auth\LoginController@postLogin’)->middleware(“throttle: maxAttempts, decayMinutes“); Prevent from going back in browser history after login/logout After logout, users should not be able to go back to the previous page by using browser’s “back” button. We need to add …