Skip to content
This repository was archived by the owner on May 11, 2026. It is now read-only.

Security: thenolle/url-shortener

Security

.github/SECURITY.md

Security Policy

Supported Versions

Version Supported
1.x.x

Reporting a Vulnerability

We take security seriously. If you discover a security vulnerability, please follow these steps:

  1. Do NOT open a public issue
  2. Go to the Security tab and click "Report a vulnerability"
  3. Provide detailed information about the vulnerability
  4. Include steps to reproduce if possible

What to Include

  • Description of the vulnerability
  • Potential impact
  • Steps to reproduce
  • Suggested fix (if you have one)

Response Time

  • We will acknowledge receipt within 48 hours
  • We will provide an initial assessment within 7 days
  • We will keep you updated on the progress

Disclosure Policy

  • We will work with you to understand the issue
  • We will patch the vulnerability in a timely manner
  • We will credit you in the security advisory (if you wish)

Security Best Practices

When deploying this application:

  • Use strong PostgreSQL passwords
  • Enable HTTPS in production
  • Keep dependencies updated
  • Rotate API keys regularly
  • Review access logs
  • Enable security scanning services
  • Restrict admin access
  • Use environment variables for secrets
  • Enable database backups

Security Features

This application includes:

  • Google Safe Browsing integration
  • VirusTotal scanning
  • URLert AI detection
  • IP and domain banning
  • Rate limiting
  • Password-protected links
  • Admin audit logging

Thank you for helping keep this project secure!

There aren't any published security advisories