Security

A cautious architecture for sensitive data.

The site applies simple and verifiable practices: hashed passwords, protected customer space, short-lived tokens, audit logs and software files stored outside the public directory.

Secured downloads

Full versions are served through expiring, logged tokens.

Licenses not stored in clear text

License keys are hashed in the database; the raw key is only displayed when created.

Files outside public web root

Executables are stored under var/downloads and served by a controller.

Separated admin access

Customers, products, releases, licenses and messages are managed from a protected area.