Security Overview
Core controls used in this deployment of ClientHaven.
Controls
- Password hashing with bcrypt for account and share-password credentials.
- Token hashing (SHA-256) for invite and share links; raw tokens are never stored.
- Private upload storage outside /public with authorized streaming routes.
- Rate limiting on login, share token access, and share password attempts.
- Activity/audit logging for approvals, signatures, and critical file actions.
- Security headers including nosniff, CSP baseline, and strict referrer policy.
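
The token-hashing control for invite and share links could look like the following sketch. It is an added example, not ClientHaven's own code; the `ShareLinkStore` class, its in-memory dict, and the field names are assumptions standing in for the real schema.

```python
import hashlib
import secrets
import time

def hash_token(raw_token: str) -> str:
    # Tokens carry ~256 bits of randomness, so a fast unsalted SHA-256 is
    # sufficient; low-entropy passwords still need a slow hash such as bcrypt.
    return hashlib.sha256(raw_token.encode("utf-8")).hexdigest()

class ShareLinkStore:
    """In-memory stand-in for a share-link table (hypothetical schema)."""

    def __init__(self):
        self.rows = {}  # token_hash -> {"file_id", "expires_at"}

    def issue(self, file_id, ttl_seconds=3600, now=None):
        now = time.time() if now is None else now
        raw_token = secrets.token_urlsafe(32)  # 32 random bytes, URL-safe
        self.rows[hash_token(raw_token)] = {
            "file_id": file_id,
            "expires_at": now + ttl_seconds,
        }
        return raw_token  # placed in the link once; never persisted

    def resolve(self, presented_token, now=None):
        now = time.time() if now is None else now
        if not isinstance(presented_token, str) or not presented_token:
            return None
        # Hash the presented value and look up by digest; there is no stored
        # raw token to compare against, so a leaked table yields no usable links.
        row = self.rows.get(hash_token(presented_token))
        if row is None or now >= row["expires_at"]:
            return None
        return row["file_id"]

def demo():
    store = ShareLinkStore()
    # Constructed sample values: file id, TTL and clock readings.
    token = store.issue("file-123", ttl_seconds=60, now=1000.0)
    return {
        "valid": store.resolve(token, now=1030.0),
        "expired": store.resolve(token, now=1061.0),
        "wrong": store.resolve(token + "x", now=1030.0),
        "raw_in_store": token in store.rows,
    }

if __name__ == "__main__":
    print(demo())
```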