# Generate a strong secret
openssl rand -base64 32 | npx wrangler secret put JWT_SECRET

Unless running behind proxy.deadlight, keep rate limiting enabled:
# wrangler.toml
DISABLE_RATE_LIMITING = "false"

CSRF protection is automatic. Ensure all forms include the token:
<form method="POST" action="/admin/delete/123">
<input type="hidden" name="csrf_token" value="${csrfToken}">
<button>Delete</button>
</form>

Check /admin/analytics for suspicious patterns:
- Unusual vote patterns
- Failed login attempts
- High error rates
// Always use middleware for protection.
// Registers '/my-route' inside a group declared with authMiddleware and
// csrfValidateMiddleware.
// NOTE(review): presumably the group applies both middlewares to every route
// registered in the callback, and routes registered outside it get neither —
// confirm against the router implementation.
router.group([authMiddleware, csrfValidateMiddleware], (r) => {
r.register('/my-route', myHandler);
});

/**
 * Example form renderer: returns an HTML string for a POST form that carries
 * the CSRF token in a hidden `csrf_token` field.
 *
 * The form has no `action` attribute, so the browser submits it to the URL of
 * the page it is rendered on.
 *
 * @param data - Not used by this example.
 * @param user - Not used by this example.
 * @param config - Not used by this example.
 * @param csrfToken - Token placed in the hidden field. It is interpolated
 *   into the attribute value without escaping.
 *   NOTE(review): assumes the token comes from the server-side CSRF layer and
 *   contains only attribute-safe characters — confirm, or escape it first.
 * @returns The form markup as a string.
 */
export function renderMyForm(data, user, config, csrfToken) {
return `
<form method="POST">
<input type="hidden" name="csrf_token" value="${csrfToken}">
<!-- form fields -->
</form>
`;
}

Email: [email protected] PGP Key: [link]
---