Security Plan
The following steps will be taken to protect the app from being hacked, to prevent data from being stolen and to protect sensitive information. Feel confident in the integrity of your software.
User Account Security
‣ 2-Factor Authentication
‣ Login Attempt Measures
‣ Block/Unblock users from the admin
‣ End-to-end encryption for account details stored in the database
Data Security
‣ Files hidden from direct access
‣ File Encryption
‣ Local Access only for the databases
‣ Data Backup module
Server Security
‣ Installing Firewall
‣ Ports Management
‣ Reverse Proxy
‣ Virtual Hosts
‣ Database Backup
‣ Code tracking through Git during the support/development process
Client-side Security
‣ Cross-site request forgery (XSRF/CSRF) protection
‣ Secure uploading of files
‣ Update the framework regularly
‣ Cross-site scripting (XSS) protection
‣ Turning off the display of errors
‣ Sanitization of all inputs
‣ Encrypted IDs from the database
Server Side Security
‣ CSRF Token Implementation
‣ Session Hijacking Measures
‣ SQL Injection Attack Protection
Website Domain Security
‣ SSL Certificates, Renewable after 3 months
‣ DNS Checkup and fixes