| Version | Supported |
|---|---|
| 1.x.x | ✅ |
We take security seriously. If you discover a security vulnerability, please follow these steps:
- Do NOT open a public issue
- Go to the Security tab and click "Report a vulnerability"
- Provide detailed information about the vulnerability
- Include steps to reproduce if possible
- Description of the vulnerability
- Potential impact
- Steps to reproduce
- Suggested fix (if you have one)
- We will acknowledge receipt within 48 hours
- We will provide an initial assessment within 7 days
- We will keep you updated on the progress
- We will work with you to understand the issue
- We will patch the vulnerability in a timely manner
- We will credit you in the security advisory (if you wish)
When deploying this application:
- Use strong PostgreSQL passwords
- Enable HTTPS in production
- Keep dependencies updated
- Rotate API keys regularly
- Review access logs
- Enable security scanning services
- Restrict admin access
- Use environment variables for secrets
- Enable database backups
This application includes:
- Google Safe Browsing integration
- VirusTotal scanning
- URLert AI detection
- IP and domain banning
- Rate limiting
- Password-protected links
- Admin audit logging
Thank you for helping keep this project secure!