We are very security conscious and we take this very seriously. We have over 25 years of combined experience in building and maintaining highly visible web systems. Some of the standard best practices we employ to protect our systems:
- We use trusted, well respected Linux distributions (CentOS in this case).
- We keep our systems patched and up to date.
- We use firewalls and SELinux proactively and use a whitelist approach for limited access/services.
- We follow security lists for our operating systems as well as any auxiliary tools we use.
We are also transparent and frank and believe in open and full disclosure of security issues. We appreciate any feedback from members of the community, and take all suggestions and potential exploits very seriously.
security AT onetimesecret dot com