Security (2FA, CAPTCHA, GDPR)
Security is built in from the ground up, and a few controls are yours to enable.
What is built in
The site uses parameterised database queries, output escaping, CSRF protection on forms, bcrypt password hashing, a login throttle against brute force, security headers and a Content-Security-Policy, sanitised SVG uploads, and a same-origin guard on the calculator API. Stripe webhooks are signature-verified, and the session cookie is hardened.
What you control
- Two-factor authentication (TOTP) for admin and member accounts, using any authenticator app.
- CAPTCHA or reCAPTCHA on forms to stop spam sign-ups and submissions.
- GDPR tools: members can export their data (a one-click JSON download) and delete their account.
- Cookie consent with Google Consent Mode v2: enable the banner in Settings, Site Features. When it is on, all analytics and ad tags (GA4, Tag Manager, Meta Pixel, Google Ads, AdSense) default to "denied" and only load after the visitor clicks Accept; Decline keeps them off, and a returning visitor who accepted is remembered. When it is off, tracking loads as before with no consent gate. Turn it on for EU/UK traffic.
- Trust proxy headers: enable this only if you are behind Cloudflare, Nginx or a load balancer; otherwise leave it off, as enabling it without a real proxy would let visitors spoof their IP.
Turning on two-factor authentication for your own admin account is the single most valuable thing you can do to protect the site.