10 March 2026·Safety

Security and performance. What we fixed

Fixed payment race conditions, added caching, set up monitoring.

Ran a platform audit before public launch. Found and fixed several serious issues.

Payments.

Discovered race conditions in the payment system: concurrent requests could double-hold funds or release escrow twice. Added atomic database-level locks. Every payment operation now locks the affected row with SELECT FOR UPDATE before reading or changing it.

Also fixed negative wallet holds, payment source validation, and webhook replay protection.
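The double-hold race described above, as an added illustration that is not the platform's own code: an in-memory wallet stands in for the database, a timer stands in for the DB round-trip, and a per-wallet promise chain plays the role of the SELECT FOR UPDATE row lock. The guard against non-positive amounts covers the negative-hold fix.

```javascript
// Added example (not the platform's code). Constructed in-memory wallet
// store; a real system keeps this row in the database.
const wallets = { w1: { balance: 100, held: 0 } };

// Simulates a DB round-trip so two requests can interleave at this point.
const roundTrip = () => new Promise((resolve) => setTimeout(resolve, 1));

// Vulnerable: read available balance, await, then write. Two concurrent
// holds of 80 both read 100 before either writes, so both are accepted.
async function holdFundsRacy(walletId, amount) {
  if (!(Number.isFinite(amount) && amount > 0)) throw new Error('bad amount');
  const w = wallets[walletId];
  const available = w.balance - w.held;
  await roundTrip();
  if (available < amount) return false;
  w.held += amount;
  return true;
}

// Per-wallet serialisation: the in-process analogue of taking a
// SELECT ... FOR UPDATE lock on the wallet row for the whole operation.
const rowLocks = new Map();
async function withRowLock(walletId, fn) {
  const prev = rowLocks.get(walletId) || Promise.resolve();
  let release;
  const mine = new Promise((resolve) => (release = resolve));
  rowLocks.set(walletId, prev.then(() => mine));
  await prev; // wait for the previous holder of this row
  try { return await fn(); } finally { release(); }
}

// Fixed: the check and the write happen while holding the row lock, so
// the second request sees the first request's hold and is rejected.
async function holdFundsLocked(walletId, amount) {
  if (!(Number.isFinite(amount) && amount > 0)) throw new Error('bad amount');
  return withRowLock(walletId, async () => {
    const w = wallets[walletId];
    const available = w.balance - w.held;
    await roundTrip();
    if (available < amount) return false;
    w.held += amount;
    return true;
  });
}

// Fires two concurrent holds of 80 against a fresh 100 wallet and reports
// how many were accepted and how much ended up held (correct answer: 1, 80).
async function run(holdFn) {
  wallets.w1 = { balance: 100, held: 0 };
  const results = await Promise.all([holdFn('w1', 80), holdFn('w1', 80)]);
  return { accepted: results.filter(Boolean).length, held: wallets.w1.held };
}
```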

XSS.

All user-supplied HTML content (blog, community, news, docs) now passes through sanitize-html. Scripts, iframes and event-handler attributes are stripped automatically.

File uploads.

Removed executable file extensions (js, html, ts, py) from allowed chat attachments. Only documents, images, archives, audio, video remain.

Performance.

Configured nginx proxy_cache for images: avatars, service photos, portfolio items cached at nginx level and served in 1ms. Fixed Cache-Control for static assets: JS and CSS now cached with immutable for one year instead of no-cache.

Monitoring.

Built a Telegram alert system instead of using external monitoring services. Admins get notifications about new users, services pending moderation, orders and subscriptions. Moderation is done via inline buttons directly in Telegram. A separate uptime script checks the platform every 2 minutes.
