mirror of
https://github.com/rcourtman/Pulse.git
synced 2026-05-12 05:45:27 +00:00
Security Features Added:
- Secure-by-default configuration export/import with ALLOW_UNPROTECTED_EXPORT environment variable
- Rate limiting (5 attempts/minute) to prevent brute force attacks on sensitive endpoints
- Comprehensive audit logging for all export/import attempts with IP tracking
- Frontend Security tab showing API protection status and configuration guidance
- Frontend now shows when export is blocked and disables buttons appropriately
- Strong passphrase requirement (minimum 12 characters) for exports

Technical Implementation:
- New RateLimiter component with automatic cleanup and middleware support
- Security status API endpoint showing protection state
- Enhanced error messaging with specific guidance for homelab vs production use
- Proper authentication flow with API token validation
- Updated documentation reflecting new security model

Breaking Changes:
- Export/import now requires API_TOKEN unless ALLOW_UNPROTECTED_EXPORT=true is set
- Minimum passphrase length increased from none to 12 characters

Additional Improvements:
- Fixed architecture-specific updates for better cross-platform support
- Removed RC label from UI header
- Updated security documentation with clear setup instructions

| | | |
|---|---|---|
| .. | ||
| images | ||
| FAQ.md | ||
| MIGRATION_V3_TO_V4.md | ||
| PBS-AGENT.md | ||
| PROXMOX_HELPER_ISSUE.md | ||
| SCREENSHOTS.md | ||
| SECURITY.md | ||