Our target : PrivLock

We are God’s people. We believe in God. We believe in the Constitution. But we don’t believe in government and big corporations. That’s why PrivLock was founded..

High-Level Summary of the Entire Design

The system is a privacy-focused, secure login manager with three main subsystems: Login/Auth, Signup, and User Admin. It uses HAProxy as a reverse proxy, C/Go backends for logic, and Redis for storage. Key features include:

Protecting Your Website with Content Security Policy (CSP)

When your website starts serving to the world, it becomes a potential target for hackers. You might want to allow URLs only from your website to prevent cross-site attacks.

Modern browsers allow websites to announce a header called “Content-Security-Policy” (CSP). You can specify which sites are allowed in this header, and browsers will block resources from any sites not in your CSP, treating them as cross-site attacks.

Finding a Login Protection Solution

For any website, robust login protection is crucial. Existing solutions often fall short of my requirements:

1. Security
2. Dynamic capability
3. Resistance to brute force attacks

I analyzed many options and initially considered Aerospike and ScyllaDB as ideal solutions. However, I abandoned these ideas because they proved too difficult to compile from source on standard Linux systems. I attempted builds on both Debian and Alpine with no success.