ircquotes/DEPLOYMENT.md
ComputerTech312 f409977257 Complete ircquotes application with all features
- Added copy quote functionality with clipboard integration
- Implemented bulk moderation actions for admin
- Created mobile responsive design with bash.org styling
- Added API rate limiting per IP address
- Implemented dark mode toggle with flash prevention
- Enhanced error messages throughout application
- Fixed all security vulnerabilities (SQL injection, XSS, CSRF)
- Added comprehensive rate limiting on all endpoints
- Implemented secure session configuration
- Added input validation and length limits
- Created centralized configuration system with config.json
- Set up production deployment with Gunicorn
- Added security headers and production hardening
- Added password generation and config management tools
2025-09-20 19:41:23 +01:00


ircquotes Production Deployment

Configuration Management

Configuration File: config.json

All application settings are now centralized in config.json. You can easily modify:

  • App settings (host, port, debug mode)
  • Database configuration (URI, connection pool settings)
  • Security settings (CSRF, session cookies, security headers)
  • Rate limiting (per-endpoint limits)
  • Quote settings (length limits, pagination)
  • Admin credentials
  • Feature toggles

Viewing Current Configuration

python config_manager.py

Updating Configuration

# Change port
python config_manager.py app.port 8080

# Change quotes per page
python config_manager.py quotes.per_page 50

# Disable CSRF (not recommended)
python config_manager.py security.csrf_enabled false

# Change rate limits
python config_manager.py rate_limiting.endpoints.login "10 per minute"

Running with Gunicorn (Production)

Quick Start

# Activate virtual environment
source .venv/bin/activate

# Install dependencies
pip install -r requirements.txt

# Run with Gunicorn (recommended for production)
gunicorn --config gunicorn.conf.py app:app

Alternative Gunicorn Commands

Basic production run:

gunicorn -w 4 -b 0.0.0.0:5050 app:app

With more workers (for higher traffic):

gunicorn -w 8 -b 0.0.0.0:5050 --timeout 30 app:app

Behind a reverse proxy (nginx/apache):

gunicorn -w 4 -b 127.0.0.1:5050 app:app

Environment Variables for Production

export FLASK_ENV=production

Security Notes

  • All major security vulnerabilities have been fixed
  • CSRF protection enabled
  • XSS protection with output escaping
  • SQL injection prevention
  • Rate limiting on all endpoints
  • Secure session configuration
  • Security headers added

Admin Access

  • Username: Configurable in config.json (default: admin)
  • Password: Stored as an Argon2 hash in config.json

Configuration Examples

High-Traffic Setup

{
  "quotes": {
    "per_page": 50
  },
  "rate_limiting": {
    "endpoints": {
      "vote": "120 per minute",
      "search": "60 per minute"
    }
  }
}

Development Setup

{
  "app": {
    "debug": true,
    "port": 5000
  },
  "security": {
    "session_cookie_secure": false
  },
  "logging": {
    "level": "DEBUG"
  }
}

Production Security Setup

{
  "security": {
    "session_cookie_secure": true,
    "csrf_enabled": true
  },
  "logging": {
    "level": "WARNING"
  }
}
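
A pre-deployment check for the settings contrasted in the Development and Production examples above. This is an added example, not part of the ircquotes code base. The helper names (lookup, audit), the choice of required values, and the decision to report unset keys as findings are assumptions, since the application's defaults are not shown here.

```python
import json

# Dotted paths use the same syntax as the config_manager.py commands above.
REQUIRED = {
    "app.debug": False,
    "security.csrf_enabled": True,
    "security.session_cookie_secure": True,
}
MISSING = object()

def lookup(cfg, dotted):
    """Walk nested dicts by dotted path; MISSING if any segment is absent."""
    node = cfg
    for part in dotted.split("."):
        if not isinstance(node, dict) or part not in node:
            return MISSING
        node = node[part]
    return node

def audit(cfg):
    """Return findings for a parsed config.json; empty list means it passed."""
    findings = []
    for key, want in REQUIRED.items():
        have = lookup(cfg, key)
        if have is MISSING:
            findings.append(f"{key}: not set, expected {json.dumps(want)}")
        elif have is not want:  # strict: the string "true" is not the boolean
            findings.append(f"{key}: is {json.dumps(have)}, expected {json.dumps(want)}")
    if lookup(cfg, "logging.level") == "DEBUG":
        findings.append("logging.level: DEBUG is a development setting")
    if lookup(cfg, "rate_limiting.endpoints.login") is MISSING:
        findings.append("rate_limiting.endpoints.login: no limit set")
    return findings

# Constructed samples: the page's "Development Setup" fragment, and its
# "Production Security Setup" fragment with app.debug and a login limit added.
DEV = json.loads('{"app": {"debug": true, "port": 5000},'
                 ' "security": {"session_cookie_secure": false},'
                 ' "logging": {"level": "DEBUG"}}')
PROD = json.loads('{"app": {"debug": false},'
                  ' "security": {"session_cookie_secure": true, "csrf_enabled": true},'
                  ' "rate_limiting": {"endpoints": {"login": "10 per minute"}},'
                  ' "logging": {"level": "WARNING"}}')

if __name__ == "__main__":
    for name, cfg in (("DEV", DEV), ("PROD", PROD)):
        for line in audit(cfg) or ["ok"]:
            print(f"{name}: {line}")
```

To check a real deployment, pass the result of json.load() on config.json to audit() and stop the rollout if the returned list is not empty.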