FoxCloud is a rapidly evolving project. We generally only support the latest version with security updates.

If you discover a security vulnerability within FoxCloud, please send an email to [INSERT EMAIL ADDRESS] instead of using the public issue tracker.

Please include the following information in your report:

• Description of the vulnerability
• Steps to reproduce the vulnerability
• Potential impact of the vulnerability
• Any possible mitigations you've identified

FoxCloud is designed with security in mind, but there are some important considerations:

• Never commit sensitive environment variables to version control
• Use wrangler secret put for production deployments
• Rotate UUIDs regularly for enhanced security

• Only use trusted proxy servers
• Ensure proxy servers support WebSocket connections
• Verify SSL certificates on proxy servers

• Generate secure, random UUIDs for each user
• Use strong, unique UUIDs (version 4 recommended)
• Limit the number of active UUIDs

1. Always use the latest version of FoxCloud
2. Regularly rotate UUIDs
3. Monitor access logs for suspicious activity
4. Use strong authentication mechanisms
5. Keep dependencies up to date

• Cloudflare Security Documentation
• VLESS Protocol Security