Security Hardening

Security Hardening

Batch of pre-launch security improvements across infrastructure and application.

• security.txt published at /.well-known/security.txt on all SpeyBooks domains per RFC 9116
• Intrusion prevention — automated brute force detection and IP banning for SSH, HTTP auth failures, bot scanning, and excessive 404 requests
• Backup lifecycle — automatic expiration policy applied to offsite backups
• Registration error hardening — error messages no longer reveal whether an email address is registered