Best Practices
Here are some common best practices for running Secured Signal API, but these generally apply for any service.
Usage
- Create separate configs for each service
- Use placeholders extensively (trust me, they are so useful)
- Always keep your stack up-to-date (this is why we have Docker)
Security
- Always use API tokens in production
- Run behind a tls-enabled reverse proxy
- Be cautious when overriding blocked endpoints
- Use per-token overrides to enforce least privilege
- Always allow the least possible access points