File size: 1,426 Bytes
42a7d7b 7f99b73 42a7d7b 7f99b73 42a7d7b | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 | # Security Policy
## Reporting a Vulnerability
If you discover a security vulnerability, please report it responsibly:
1. **Do NOT open a public issue**
2. Email the maintainer or open a private security advisory on GitHub
3. Include steps to reproduce if possible
We'll respond within 48 hours and work on a fix.
## Security Best Practices
When deploying Hugging8n:
- **Enable basic auth** — set `N8N_BASIC_AUTH_USER` and `N8N_BASIC_AUTH_PASSWORD` to protect your n8n instance from unauthorized access
- **Create a strong n8n owner password** during first-run setup
- **Set your Space to Private** — prevents unauthorized access to your n8n instance from the web
- **Keep your HF token scoped** — use fine-grained tokens with minimum permissions (read/write to your backup dataset only)
- **Set a strong `N8N_ENCRYPTION_KEY`** — protects your stored credentials; if lost, credentials cannot be recovered
- **Optionally set `CLOUDFLARE_PROXY_SECRET` in both Space and Worker** — recommended to prevent Worker URL abuse as an open proxy
- **Keep secure cookies enabled on HTTPS** — default is secure in this project; only disable for local non-HTTPS testing
- **Don't commit `.env` files** — the `.gitignore` already excludes them
- **Review n8n credentials** — periodically audit credentials stored in n8n
## Supported Versions
| Version | Supported |
|---------|-----------|
| 1.0.x | ✅ |
|