Security Overview

Security in Axeiro is designed to be opinionated and default-secure. You deploy applications without managing servers, SSH access, or network rules directly.

1. Account Security

Axeiro supports strong authentication mechanisms, including secure session handling and optional multi-factor authentication. Access to the dashboard is protected using modern authentication standards.

2. Application Isolation

Each deployment runs in an isolated runtime environment. Applications do not share execution contexts, filesystems, or network namespaces with other users’ deployments.

3. Network Security

All applications are exposed through HTTPS endpoints. Traffic is protected using TLS in transit, and inbound requests are routed through a managed edge layer.

Axeiro uses Cloudflare to provide DDoS protection, edge security, and secure request handling by default.

4. Infrastructure Security

Underlying infrastructure is managed by Axeiro. Servers do not expose public SSH access, and applications run in private networks with controlled ingress and egress.

5. Secrets & Configuration

Application secrets and environment variables should be managed through the Axeiro dashboard. Secrets are never committed to source control and are injected securely at runtime.

6. Responsibility Model

Axeiro is responsible for securing the platform, infrastructure, and deployment runtime. You are responsible for the security of your application code and dependencies.