Security

A concise overview of how Aeptus protects preview access, content operations, and data flows.

Quellinhalt wird angezeigt aus `en-gb` solange diese Sprache noch nicht übersetzt ist.

Access control

Access to the preview CMS and MCP endpoint is enforced through Cloudflare Access before the application itself is reached.

Operational boundaries

The static site, CMS, and plugin operations are kept as separate surfaces so authoring, publishing, and automation do not collapse into one opaque runtime path.

Signed application-level flows are used where plugins communicate with each other or with preview surfaces.

Reporting concerns

If you need to report a security concern, use the contact route shown in the footer and include a concrete description of what you observed.