Security Policy
This site follows a security-first, minimal-attack-surface model.
Measures in place
- HTTPS enforced via Let’s Encrypt
- Static content only for public users
- No client-side JavaScript execution
- Administrative access restricted to LAN
- Hardened SSH configuration
- Firewall and intrusion prevention enabled
Vulnerability disclosure
If you discover a security issue, please report it responsibly via the contact form.
Do not attempt exploitation.
Last updated: February 2026