
v1.1.1 — Security Hardening


@ankit2101 ankit2101 released this 05 Mar 09:56
· 53 commits to main since this release

Security Hardening Patch

This patch release addresses security findings from a full deployment audit of the production server.

🔒 Server-Side Fixes (applied directly to production)

| Fix | Detail |
| --- | --- |
| UFW Firewall | Installed and configured — only ports 22 (SSH), 80 (HTTP), and 443 (HTTPS) allowed inbound. Port 111 (rpcbind) and all other ports blocked. |
| fail2ban | Installed with SSH jail (3 failed attempts → 24h ban) and nginx bot-search jail (2 attempts → 24h ban) to mitigate active brute-force attacks. |
| HTTP Security Headers | Added Strict-Transport-Security, X-Frame-Options: SAMEORIGIN, X-Content-Type-Options: nosniff, Referrer-Policy, Permissions-Policy, and Content-Security-Policy to all nginx responses. |
| Nginx Rate Limiting | API endpoints limited to 30 req/min (burst 10); general routes limited to 60 req/min (burst 20). Returns HTTP 429 on excess. |
| Nginx Version Hidden | server_tokens off added — response header now shows Server: nginx with no version number. |
| .env Permissions | Changed from 0664 (group-readable) to 0600 (owner-only). |
| opc User Locked | Oracle Cloud default opc user shell changed from /bin/sh to /usr/sbin/nologin. |

🔒 Code Fixes (in this release)

Strict SECRET_KEY Validation (config.py)

  • Removed the hardcoded fallback value 'chapterwise-secret-change-in-prod-2024'
  • App now raises a RuntimeError at startup if SECRET_KEY is missing or empty — prevents silent use of a known insecure default

CORS Origin Scoping (app.py)

  • Added PRODUCTION_ORIGIN environment variable support
  • Set PRODUCTION_ORIGIN=https://your-domain.com in .env to allow your production domain
  • localhost origins remain for local development only
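As an added illustration (not the project's own config.py or app.py), here are the two checks described above written as standalone helpers: a loader that refuses a missing or empty SECRET_KEY instead of falling back to a hardcoded default, and a CORS allow-list builder that appends PRODUCTION_ORIGIN to the local development origins. The local origin values and the origin-format check are assumptions, not taken from the release.

```python
import os
import re

# Assumed local development origins; the project's real list may differ.
LOCAL_DEV_ORIGINS = ("http://localhost:3000", "http://127.0.0.1:3000")

# A CORS origin is scheme://host[:port] with no path, query or wildcard.
# (Assumed validation; the release notes do not describe one.)
_ORIGIN_RE = re.compile(r"^https?://[^/\s?#*]+$")


def load_secret_key(env=None):
    """Return SECRET_KEY from the environment or fail fast at startup.

    The removed behaviour silently used a known default when the variable
    was absent; now a missing or whitespace-only value raises RuntimeError,
    so the service never runs with a predictable session-signing key.
    """
    env = os.environ if env is None else env
    key = env.get("SECRET_KEY", "").strip()
    if not key:
        raise RuntimeError(
            "SECRET_KEY is not set. Generate one with "
            'python3 -c "import secrets; print(secrets.token_hex(32))" '
            "and add it to .env"
        )
    return key


def allowed_origins(env=None):
    """Build the CORS allow-list: local dev origins plus PRODUCTION_ORIGIN.

    A trailing slash is tolerated (browsers send the Origin header without
    one); anything that is not a bare origin is rejected so a typo cannot
    widen the policy to a wildcard or a path-qualified value.
    """
    env = os.environ if env is None else env
    origins = list(LOCAL_DEV_ORIGINS)
    prod = env.get("PRODUCTION_ORIGIN", "").strip().rstrip("/")
    if prod:
        if not _ORIGIN_RE.match(prod):
            raise RuntimeError(
                f"PRODUCTION_ORIGIN must be scheme://host, got {prod!r}"
            )
        origins.append(prod)
    return origins
```

Wiring the returned list into the application's CORS middleware is left to the project; the helpers only produce the validated values.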

⚙️ Upgrade Notes

If upgrading from v1.1.0:

  1. Ensure your .env file has a SECRET_KEY set (the app will refuse to start without it). Generate a value with:

    python3 -c "import secrets; print(secrets.token_hex(32))"

  2. For production deployments, add your domain to .env:

    PRODUCTION_ORIGIN=https://your-domain.com

  3. Restart the service after updating:

    sudo systemctl restart chapterwise

No database migrations required.


Full Changelog

  • 08e4941 Security hardening: SECRET_KEY validation and CORS scoping