|
|
b876564f4a
|
📚 Complete documentation overhaul
### New Documentation:
- **URL Format Guide**: Complete guide for image resizer URL patterns
- **Hybrid Architecture**: Vercel Edge + Quoter integration strategy
- **Updated How-it-works**: Comprehensive system architecture with diagrams
- **Enhanced Configuration**: Security settings, troubleshooting, Vercel integration
### Documentation Structure:
📋 Architecture & Principles:
- 🚀 How Quoter Works (detailed system architecture)
- 🔀 Hybrid Architecture (Vercel + Quoter best practices)
- 📐 URL Format (complete resizer URL guide)
🛡️ Security & Configuration:
- 🔒 Security & DDoS Protection (comprehensive guide)
- ⚙️ Configuration (updated with new settings)
- 🚀 Deployment & 📊 Monitoring
🎨 Integrations:
- Vercel OG Integration guides
- Edge Function examples
### Key Features Documented:
- Complete URL patterns for image resizing
- Security rate limiting configuration
- Hybrid upload (Quoter) + download (Vercel) strategy
- JWT validation and session management
- Multi-cloud storage (Storj + AWS fallback)
- Performance optimization techniques
- Production deployment strategies
All documentation is now production-ready and includes practical examples! 📖✨
|
2025-09-02 12:32:15 +03:00 |
|
|
|
82668768d0
|
🔒 Implement comprehensive security and DDoS protection
### Security Features:
- **Rate Limiting**: Redis-based IP tracking with configurable limits
- General: 100 requests/minute (5min block)
- Upload: 10 requests/5min (10min block)
- Auth: 20 requests/15min (30min block)
- **Request Validation**: Path length, header count, suspicious patterns
- **Attack Detection**: Admin paths, script injections, bot patterns
- **Enhanced JWT**: Format validation, length checks, character filtering
- **IP Tracking**: X-Forwarded-For and X-Real-IP support
### Security Headers:
- X-Content-Type-Options: nosniff
- X-Frame-Options: DENY
- X-XSS-Protection: 1; mode=block
- Content-Security-Policy with strict rules
- Strict-Transport-Security with includeSubDomains
### CORS Hardening:
- Limited to specific domains: discours.io, new.discours.io
- Restricted methods: GET, POST, OPTIONS only
- Essential headers only
### Infrastructure:
- Security middleware for all requests
- Local cache + Redis for performance
- Comprehensive logging and monitoring
- Progressive blocking for repeat offenders
### Documentation:
- Complete security guide (docs/security.md)
- Configuration examples
- Incident response procedures
- Monitoring recommendations
Version bump to 0.6.0 for major security enhancement.
|
2025-09-02 11:40:43 +03:00 |
|
|
|
7497b8c426
|
build-reconfig2
Deploy / deploy (push) Has been skipped
CI / test (push) Failing after 20s
CI / lint (push) Successful in 7m1s
|
2025-09-02 10:46:51 +03:00 |
|
|
|
d6b286f478
|
0.5.1
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 7s
CI / test (push) Has been cancelled
|
2025-09-01 22:52:33 +03:00 |
|
|
|
6c3262edbe
|
simpler-auth+no-overlay
Deploy / deploy (push) Has been skipped
CI / lint (push) Failing after 8s
CI / test (push) Failing after 3m57s
|
2025-09-01 20:36:15 +03:00 |
|
|
|
a44bf3302b
|
test-fix
Deploy / deploy (push) Has been skipped
CI / test (push) Successful in 6m50s
CI / lint (push) Failing after 1m5s
|
2025-08-12 15:59:51 +03:00 |
|
|
|
44323d2d9c
|
ci
CI / lint (push) Failing after 1m5s
Deploy / deploy (push) Has been skipped
CI / test (push) Successful in 9m11s
|
2025-08-02 00:39:05 +03:00 |
|
|
|
ea92a376ed
|
docs
CI / test (push) Failing after 4m0s
CI / lint (push) Failing after 4s
CI / deploy (push) Has been skipped
|
2025-08-02 00:18:09 +03:00 |
|
