Security

Last updated: October 30, 2025

This document outlines the security infrastructure and strategies employed by dco.ink to protect our services, data, and users.


1. Infrastructure Security

Our core infrastructure is built on industry-leading platforms and practices to ensure high availability and defense against threats.

  • Global Network Hosting: The Service is hosted on Cloudflare's global network, leveraging its massive capacity for defense and performance enhancement.
  • Threat Protection: Comprehensive DDoS protection and a dedicated Web Application Firewall (WAF) are active to filter malicious traffic and protect against common web application exploits.
  • Connection Encryption: All data transmissions between users and our servers are secured using SSL/TLS encryption (HTTPS).
  • Auditing: We perform regular security audits to proactively identify and mitigate potential infrastructure weaknesses.

2. Authentication & Session Management

We employ modern, secure standards for verifying user identity and maintaining secure sessions.

  • Authentication Method: We utilize OAuth 2.0 for external, secure authentication, currently supporting integration with providers like Google and GitHub.
  • Password Policy: No user passwords are stored on our servers. Authentication is entirely delegated to the secure OAuth providers.
  • Session Security: User sessions are managed securely using JSON Web Tokens (JWT).

3. Data Protection

Safeguarding user-created links and associated metadata is a top priority.

  • Encryption: User data is protected with encryption both at rest (on storage media) and in transit (via SSL/TLS).
  • Resilience: Regular backups are performed to ensure data integrity and rapid recovery capabilities in case of unforeseen failure.
  • Access Control: Access to sensitive operational data is strictly managed through granular access controls and comprehensive logging for audit trails.

4. Abuse Prevention and Response

We actively work to prevent malicious use of the redirection service and respond swiftly to reported issues.

  • Request Throttling: Rate limiting is enforced across the platform to prevent automated attacks, spamming, and denial-of-service attempts against our services.
  • Content Monitoring: Systems are in place for malware and phishing detection within submitted URLs to protect end-users who click the short links.
  • Reporting Mechanism: We maintain a user reporting system to allow the community to flag suspicious activity.
  • Incident Response: We commit to a quick response to all abuse reports to minimize service misuse.

5. Security Contact & Vulnerability Disclosure

We encourage ethical security researchers to help us improve our service.

  • Reporting Security Issues: If you discover any security vulnerability in the dco.ink service, please report it to us privately by email at support@dco.ink.