add rate limiting and HSTS for security hardening
Some checks failed
deploy / deploy (push) Failing after 8m33s
- Add Hammer library for rate limiting with ETS backend
- Rate limit login (5/min), magic link (3/min), newsletter (10/min), API (60/min)
- Add themed 429 error page using bare shop styling
- Enable HSTS in production with rewrite_on for Fly proxy
- Add security hardening plan to docs

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
@@ -151,3 +151,4 @@ All plans in [docs/plans/](docs/plans/). Completed plans are kept as architectur
|
||||
| [notification-overhaul.md](docs/plans/notification-overhaul.md) | Planned |
|
||||
| [live-site-editor.md](docs/plans/live-site-editor.md) | Design exploration |
|
||||
| [profit-aware-pricing.md](docs/plans/profit-aware-pricing.md) | Planned |
|
||||
| [security-hardening.md](docs/plans/security-hardening.md) | Planned |
|
||||
|
||||
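Review bot: the added row for security-hardening.md is marked "Planned", yet this same commit already ships rate limiting and HSTS, which the commit message presents as security hardening work. If the plan document covers those items, the index entry is stale from the moment it lands; consider a status that shows the plan is partly implemented, or mark the finished items inside the plan so the remaining work is clear to readers of this table.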