diff --git a/src/markdoc/tags/Cards.svelte b/src/markdoc/tags/Cards.svelte index 7deb7ee507..c21b712324 100644 --- a/src/markdoc/tags/Cards.svelte +++ b/src/markdoc/tags/Cards.svelte @@ -1,5 +1,5 @@ -
- +
+
diff --git a/src/partials/auth-security.md b/src/partials/auth-security.md new file mode 100644 index 0000000000..9094761cfd --- /dev/null +++ b/src/partials/auth-security.md @@ -0,0 +1,23 @@ +# Password history {% #password-history %} + +Password history prevents users from reusing recent passwords. This protects user accounts from security risks by enforcing a new password every time it's changed. + +Password history can be enabled in the Auth service's **Security** tab on the Appwrite Console. You can choose how many previous passwords to remember up to a maximum of 20 and block users from reusing them. + +# Password dictionary {% #password-dictionary %} + +Password dictionary protects users from using bad passwords. It compares the user's password to the [10,000 most common passwords](https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10k-most-common.txt) and throws an error if there's a match. Together with [rate limits](/docs/advanced/platform/rate-limits), password dictionary will significantly reduce the chance of a malicious actor from guessing user passwords. + +Password dictionary can be enabled in the Auth service's **Security** tab on the Appwrite Console. + +# Password hashing {% #password-hashing %} +Appwrite protects passwords by using the [Argon2](https://github.com/P-H-C/phc-winner-argon2) password-hashing algorithm. +Argon 2 is a resilient and secure password hashing algorithm, which is also the winner of the [Password Hashing Competition](https://www.password-hashing.net/) +Appwrite combines Argon 2 with the use of techniques such as salting, adjustable work factors, and memory hardness to securely handle passwords. + +# Personal data {% #personal-data %} + +Encourage passwords that are hard to guess by disallowing users to pick passwords that contain personal data. +Personal data includes the user's name, email, and phone number. + +Disallowing personal data can be enabled in the Auth service's **Security** tab on the Appwrite Console. \ No newline at end of file diff --git a/src/routes/docs/Sidebar.svelte b/src/routes/docs/Sidebar.svelte index 159c7528bd..12661b5588 100644 --- a/src/routes/docs/Sidebar.svelte +++ b/src/routes/docs/Sidebar.svelte @@ -112,6 +112,12 @@ icon: 'icon-refresh', isParent: true }, + { + label: 'Security', + href: '/docs/advanced/security', + icon: 'icon-shield-check', + isParent: true + }, { label: 'Self-hosting', href: '/docs/advanced/self-hosting', diff --git a/src/routes/docs/advanced/security/+layout.svelte b/src/routes/docs/advanced/security/+layout.svelte new file mode 100644 index 0000000000..2ed1f47b44 --- /dev/null +++ b/src/routes/docs/advanced/security/+layout.svelte @@ -0,0 +1,84 @@ + + + + + + diff --git a/src/routes/docs/advanced/security/+page.markdoc b/src/routes/docs/advanced/security/+page.markdoc new file mode 100644 index 0000000000..e08545a2a0 --- /dev/null +++ b/src/routes/docs/advanced/security/+page.markdoc @@ -0,0 +1,88 @@ +--- +layout: article +title: Security +description: Learn how Appwrite keeps your project, users, and data secure through security measures and compliance. +--- + +Appwrite helps you build secure apps by applying various security and compliance measures. +Appwrite is compliant with [GDPR](/docs/advanced/security/gdpr) and actively working toward [SOC 2](/docs/advanced/security/soc2) and [HIPPA](/docs/advanced/security/hippa) compliance. + +Appwrite also employs [enhanced password protection and encryption](/docs/products/auth/security), [rate limits](/docs/advanced/security/abuse-protection), +[robust permission systems](/docs/advanced/platform/permissions), and [HTTPS/TLS](/docs/advanced/security/tls) to protect you and your users' data. + +# Compliance {% #compliance %} + +The safeguarding of your and your users' data is taken seriously at Appwrite. +Appwrite works to achieve compliance with a variety of standards to protect sensitive data, as well as maintain trust and credibility. + +{% cards %} +{% cards_item href="/docs/advanced/security/gdpr" title="GDPR" %} +Appwrite is GDPR compliant. Learn about our measures, privacy policy, and find our data processing agreement. +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/pci" title="PCI" %} +Appwrite uses Stripe to handle payment and payment information securely. Learn about Appwrite's PCI compliance. +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/soc2" title="SOC 2" %} +Coming soon +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/hippa" title="HIPPA" %} +Coming soon. +{% /cards_item %} + +{% /cards %} + +# Measures {% #measures %} + +Appwrite employs a variety of measures to help you build secure applications, faster. +Learn about the different ways Appwrite protects you and your users' data and privacy. + +{% cards %} +{% cards_item href="/docs/products/auth/security" title="Authentication" %} +Secure authentication methods to +protect your users and promote better passwords. +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/encryption" title="Encryption" %} +Appwrite encrypts sensitive data and files +in Appwrite Databases and Storage. +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/https" title="HTTPS" %} +Appwrite Cloud enforces HTTPS on all endpoints to prevent on-path +attacks like packet sniffing. +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/https" title="TLS" %} +Appwrite assigns TLS certificates on all +Appwrite and user provided domains connected to Appwrite. +{% /cards_item %} + +{% cards_item href="/docs/advanced/security/backups" title="Backups" %} +Appwrite Cloud uses regular backups to prevent +data loss and improve resiliency. +{% /cards_item %} + +{% cards_item href="" title="Penetration tests" %} +Appwrite employs regular third-party penetration tests +to find vulnerabilities. +{% /cards_item %} + +{% cards_item href="" title="Audit logs" %} +Appwrite provides detailed audit logs for each +product to track and discover suspicious activity. +{% /cards_item %} + +{% cards_item href="" title="Abuse protection" %} +Appwrite protects against common abuse methods +like DoS and brute-force attacks. +{% /cards_item %} + +{% /cards %} + +# Reporting vulnerabilities {% #reporting-vulnerabilities %} +If you discover security vulnerabilities, please contact us at security@appwrite.io. +Please avoid **posting a public issue** on GitHub or elsewhere online to prevent malicious actors +from abusing the vulnerabilities before the Appwrite team has chance to patch the issue. \ No newline at end of file diff --git a/src/routes/docs/advanced/security/abuse-protection/+page.markdoc b/src/routes/docs/advanced/security/abuse-protection/+page.markdoc new file mode 100644 index 0000000000..9e0a7d7d48 --- /dev/null +++ b/src/routes/docs/advanced/security/abuse-protection/+page.markdoc @@ -0,0 +1,35 @@ +--- +layout: article +title: Abuse protection +description: Learn how Appwrite protects your apps from abuse through rate limiting and cross-site scripting protection. +--- +Appwrite comes packaged with tools to protect against various forms of abuse, like brute force attacks, data scraping, and many +other common forms of abuse. + +# Rate limiting {% #rate-limiting %} +Appwrite uses rate limits on some endpoints to avoid abuse or brute-force attacks against Appwrite's REST API. +Each Appwrite route documentation has information about any rate limits that might apply to them. + +Rate limits limit the number of requests a user or IP can make against an API within a period of time. +Rate limits help protect against brute force attacks against authentication endpoints and other forms of API +abuse like [denial of service attacks](https://en.wikipedia.org/wiki/Denial-of-service_attack). + +{% arrow_link href="/docs/advanced/platform/rate-limits" %} +Learn more about rate limits +{% /arrow_link %} + +# Cross-origin resource sharing (CORS) {% #CORS %} +Appwrite limits who can make requests to Appwrite's APIs by default. +This means that unless your app's domain is added to Appwrite as a platform, requests are rejected. +By being explicit with the domains that are allowed +to make requests to your Appwrite project, requests from JavaScript hosted on unknown domains +will not be accepted. + +You can add new platforms by navigating to **Overview** > **Platforms** > **Add platform**. + +{% only_dark %} +![Add a platform](/images/docs/quick-starts/dark/add-platform.png) +{% /only_dark %} +{% only_light %} +![Add a platform](/images/docs/quick-starts/add-platform.png) +{% /only_light %} \ No newline at end of file diff --git a/src/routes/docs/advanced/security/audit-logs/+page.markdoc b/src/routes/docs/advanced/security/audit-logs/+page.markdoc new file mode 100644 index 0000000000..c7c66d6898 --- /dev/null +++ b/src/routes/docs/advanced/security/audit-logs/+page.markdoc @@ -0,0 +1,52 @@ +--- +layout: article +title: Audit logs +description: Appwrite provides audit logs to help detect anomalies and investigate security incidents. +--- + +All Appwrite products, like Authentication, Databases, Storage, Functions, and Messaging, provide detailed audit logs. +Audit logs are important in detecting and responding to security incidents. +Through audit logs, you can detect incidents through anomalous activities, +trace the source of security incidents, and understand the scope of users affected so you can respond more quickly +and effectively. + +# Access audit logs {% #access-audit-logs %} +You can access audit logs for different products under the **Activity** tab where applicable. +Logs are available for collections, documents, and individual users. + +{% only_dark %} +![Project settings screen](/images/docs/advanced/security/dark/activity.png) +{% /only_dark %} +{% only_light %} +![Project settings screen](/images/docs/advanced/security/activity.png) +{% /only_light %} + +# Format {% #format %} +Audit log entries under the **Activity** tab has the following structure. +Each entry describes an event. + +{% table %} +* Column +* Description +--- +* User +* Name of the user that performed the event. +--- +* Event +* The name of the [event](/docs/advanced/platform/events). +--- +* Location +* The physical of the user when they performed the action. +--- +* IP +* The IP of the user when they performed an action. +--- +* Date +* The date and time of the event. +{% /table %} + +# Retention {% #retention %} +GDPR data retention rules require any personal data that is collected or processed to be kept +only for as long as data are required to achieve the purpose for which the information was collected. +For this reason, audit logs are retained for only 7 days for Pro organizations and 1 hour +for Starter organizations. \ No newline at end of file diff --git a/src/routes/docs/advanced/security/authentication/+page.markdoc b/src/routes/docs/advanced/security/authentication/+page.markdoc new file mode 100644 index 0000000000..e6e90772b7 --- /dev/null +++ b/src/routes/docs/advanced/security/authentication/+page.markdoc @@ -0,0 +1,10 @@ +--- +layout: article +title: Authentication +description: Learn how Appwrite protects your passwords and helps users pick better passwords. +--- + +Appwrite helps you implement secure authentication in your applications by using advanced password hashing to protect passwords in storage. +Appwrite also provides tools to help users pick better passwords, making them harder to break. + +{% partial file="auth-security.md" /%} \ No newline at end of file diff --git a/src/routes/docs/advanced/security/backups/+page.markdoc b/src/routes/docs/advanced/security/backups/+page.markdoc new file mode 100644 index 0000000000..798a1b7027 --- /dev/null +++ b/src/routes/docs/advanced/security/backups/+page.markdoc @@ -0,0 +1,14 @@ +--- +layout: article +title: Backups +description: Appwrite performs regular data backups to ensure data security. Data must be kept private, but continuously available in the event of malicious attacks, corruption, or accidents. +--- + +Preventing downtime and keeping data available is a crucial part to digital security. +Backups are crucial for: +- Recovering from accidental deletion of data. +- Recovering in case of malicious alteration or deletion of data. +- Reducing downtime in the event of accidental data loss, corruption, or malicious attacks. + +Appwrite Cloud uses multiple databases for its products. Some data bases will have access to point-in-time recovery from the past 7 days. +Other databases performs regular data backups every 4 hours. Each backup is kept for 7 days. \ No newline at end of file diff --git a/src/routes/docs/advanced/security/encryption/+page.markdoc b/src/routes/docs/advanced/security/encryption/+page.markdoc new file mode 100644 index 0000000000..e8fc36299e --- /dev/null +++ b/src/routes/docs/advanced/security/encryption/+page.markdoc @@ -0,0 +1,19 @@ +--- +layout: article +title: Encryption +description: Learn about Appwrite's use of encryption across Appwrite's databases and storage buckets to protect user data. +--- +Other than applying encryption in [authentication](/docs/products/auth/security), [enforcing HTTPS](/docs/advanced/security/https), +and [generating TLS certificate for domains](/docs/advanced/security/tls), Appwrite also uses encryption for Storage, and Databases to come. +Encryption helps secure your files and data in storage. In the event that an attack happens and a malicious actor gains access to files +or data, encrypted files and data cannot be deciphered, adding a further layer of protection. + +## Storage {% #storage %} + +For storage, buckets can have its files encrypted. If enabled, files uploaded to the bucket that are smaller than 20MB will be encrypted in the storage provider. +You can enable encryption by going to your bucket's **Settings** > **Security settings** > toggle **Encryption**. +Files are encrypted with AES-128 in Galois/Counter Mode (GCM). + +## Databases {% #databases %} +Databases will provide the ability to create encrypted columns. This feature is being actively developed and coming soon. +Attributes will be encrypted with AES-128 in Galois/Counter Mode (GCM). diff --git a/src/routes/docs/advanced/security/gdpr/+page.markdoc b/src/routes/docs/advanced/security/gdpr/+page.markdoc new file mode 100644 index 0000000000..f44cdb1078 --- /dev/null +++ b/src/routes/docs/advanced/security/gdpr/+page.markdoc @@ -0,0 +1,38 @@ +--- +layout: article +title: GDPR +description: The safeguarding of your and your users' data is taken seriously at Appwrite. Learn about Appwrite's measures and compliance with European General Data Protection Regulation (GDPR). +--- + +Appwrite compliant with the European General Data Protection Regulation (GDPR). +GDPR is a EU regulation that concerns data privacy and security in the European Union and the European Economic Area. + +By attesting that Appwrite is GDPR compliant, we have done the following: +- Appwrite users will retain access to their personal information including the right to correct and to delete it. +- Impose the same rules upon the organization’s sub-processors who assist in providing Appwrite’s services as described in the Terms of Service (“ToS”). +- Appwrite will notify users promptly about policy changes and/or data breaches. + +You can learn more in our [Privacy policy](https://appwrite.io/privacy) and [Cookie policy](https://appwrite.io/cookies). +You can also reach us at `privacy@appwrite.io` for more questions. + +Appwrite has also implemented the following security measures to achieve technical compliance. +- Appwrite implements a multi-layered security approach, integrating centralized IAM (Identity and Access Management) to regulate access to production resources. +- Cloud security processes are employed for provisioning, configuring, monitoring, and accessing cloud resources. Changes in production environments follow a controlled process using Infrastructure as Code (IaC). +- Industry-standard encryption protocols like TLS/SSL safeguard data transmitted over networks. Additionally, data stored in databases and file storage is secured using techniques like AES encryption. Key rotations are performed at regular intervals to ensure data security. +- Appwrite performs regular security audits at the application and infrastructure layers to ensure compliance with industry-leading security standards and practices. Periodic vulnerability scans are also conducted on software dependencies and packages to mitigate against CVEs. + +# DPA {% #dpa %} + +A DPA, or Data Processing Agreement, is a contract between a data controller and data processor concerning the rights and obligations +of both parties when processing personal data. + +This agreement describes how Appwrite and sub-processors handles, secure, transfers data, as well as outline rights and obligations of both Appwrite and +you or your company when personal data is processed. + +You can find and sign a DPA in your organization's **Settings** > **Download DPA document**. +{% only_dark %} +![Project settings screen](/images/docs/advanced/security/dark/dpa.png) +{% /only_dark %} +{% only_light %} +![Project settings screen](/images/docs/advanced/security/dpa.png) +{% /only_light %} \ No newline at end of file diff --git a/src/routes/docs/advanced/security/hippa/+page.markdoc b/src/routes/docs/advanced/security/hippa/+page.markdoc new file mode 100644 index 0000000000..7bd6dec039 --- /dev/null +++ b/src/routes/docs/advanced/security/hippa/+page.markdoc @@ -0,0 +1,12 @@ +--- +layout: article +title: HIPPA (Coming soon) +description: Learn about Appwrite Cloud's measures to achieve HIPPA compliance. +--- + +HIPAA refers to the Health Insurance Portability and Accountability Act. +HIPPA protects patients' health data from being disclosed without consent or knowledge. + +Appwrite is nearing the completion of its efforts to attain HIPAA and SOC-2 compliance, underscoring our commitment to supporting and empowering developers in their creative endeavors. +Anticipate the official compliance announcement slated for Q1 of 2024. +For further details and inquiries, feel free to reach out to us at privacy@appwrite.io. diff --git a/src/routes/docs/advanced/security/https/+page.markdoc b/src/routes/docs/advanced/security/https/+page.markdoc new file mode 100644 index 0000000000..b1b3751dfb --- /dev/null +++ b/src/routes/docs/advanced/security/https/+page.markdoc @@ -0,0 +1,33 @@ +--- +layout: article +title: HTTPS +description: Learn how Appwrite Cloud enforces secure connections by enforcing HTTPS on all endpoints. +--- + +Appwrite Cloud serves all endpoints over an HTTPS connection by default. +Requests made through an unsecure HTTP connection will be redirected to. + +Redirected requests will show a `301` response status. + +```http +HTTP/1.1 301 Moved Permanently +Content-Type: application/json +Location: https://cloud.appwrite.io/v1/ +``` + +Appwrite Cloud does not support HTTP, which is a common practice in modern development, because unencrypted +HTTP traffic is dangerous and exposes sensitive user data to malicious attackers. + +# Strict-Transport-Security {% #strict-transport-security %} +Appwrite uses the [Strict-Transport-Security header](https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) +to inform browsers that the website should only be accessed using HTTPS, further protecting against +man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. +By enforcing HTTPS, Appwrite Cloud's endpoint will always be served over a secure connection, which helps protect users' data and privacy. + +# Custom domains {% #custom-domains %} +You can add a [custom domain](/docs/advanced/platform/custom-domains) to your Appwrite project so you can access Appwrite API endpoints +on your own domain. Appwrite will [generate TLS certificates](/docs/advanced/security/tls) for your domain and enforce HTTPS communication. + +# Function domains {% #function-domains %} +Appwrite generates domains for Appwrite Functions so they can be executed through HTTPS requests. +Appwrite also [generates TLS certificates](/docs/advanced/security/tls) for these domains to enforce HTTPS communication. \ No newline at end of file diff --git a/src/routes/docs/advanced/security/pci/+page.markdoc b/src/routes/docs/advanced/security/pci/+page.markdoc new file mode 100644 index 0000000000..c107a93ed9 --- /dev/null +++ b/src/routes/docs/advanced/security/pci/+page.markdoc @@ -0,0 +1,17 @@ +--- +layout: article +title: PCI +description: Learn about Appwrite's measure to achieve PCI compliance when handling payments and transactions, ensuring secure and safe handling of payment information and personal data. +--- +The Payment Card Industry Data Security Standard (PCI) is a standard that concerns handling of credit card information, transactions, and payments. +Appwrite uses [Stripe](https://stripe.com/en-se) to securely handle payments for Appwrite Pro and Scale plans. +Stripe is a [PCI Service Provider Level 1](https://www.visa.com/splisting/searchGrsp.do?companyNameCriteria=stripe) provider +with a strong [commitment to security and privacy](https://stripe.com/docs/security) that matches Appwrite's core values. + +{% info title="Handling payment information" %} +If you're looking to add payment or subscription services to your apps built on Appwrite, +we recommend that you **do not store credit card** information directly in Appwrite. + +You can consider using one of the [function templates](/docs/products/functions/quick-start) +to use a third party service, such as Stripe to handle payment. +{% /info %} diff --git a/src/routes/docs/advanced/security/penetration-tests/+page.markdoc b/src/routes/docs/advanced/security/penetration-tests/+page.markdoc new file mode 100644 index 0000000000..9834799078 --- /dev/null +++ b/src/routes/docs/advanced/security/penetration-tests/+page.markdoc @@ -0,0 +1,14 @@ +--- +layout: article +title: Penetration tests +description: Learn about how Appwrite keeps your data safe by employing manual third-party penetration tests to discover vulnerabilities. +--- +Appwrite undertakes regular penetration testing and vulnerability assessments conducted by third-party agencies to attest our security standing. +These penetration tests and vulnerability assessments are performed periodically. Penetration tests performed by a third-party +helps identify vulnerabilities and suggest action plans to constantly improve Appwrite's security. + +Appwrite has processes for external and internal information security risk management that seek to identify, +assess and address risks using a risk treatment plan to implement recommendations and decisions. +The risk assessment methodologies utilized include pen-test practices. + +See the "Data Processing" addendum of [Appwrite's DPA](/docs/advanced/security/gdpr#dpa) for further details. diff --git a/src/routes/docs/advanced/security/soc2/+page.markdoc b/src/routes/docs/advanced/security/soc2/+page.markdoc new file mode 100644 index 0000000000..aaac28aacb --- /dev/null +++ b/src/routes/docs/advanced/security/soc2/+page.markdoc @@ -0,0 +1,12 @@ +--- +layout: article +title: SOC 2 (Coming soon) +description: Learn about Appwrite Cloud's measures to achieve SOC 2 compliance. +--- + +SOC 2 refers to the Service Organization Control 2 standards. +SOC 2 is a set of standards are designed to ensure that service providers like Appwrite securely manage data to protect the privacy of developers and users. + +Appwrite is nearing the completion of its efforts to attain HIPAA and SOC-2 compliance, underscoring our commitment to supporting and empowering developers in their creative endeavors. +Anticipate the official compliance announcement slated for Q1 of 2024. +For further details and inquiries, feel free to reach out to us at privacy@appwrite.io. \ No newline at end of file diff --git a/src/routes/docs/advanced/security/tls/+page.markdoc b/src/routes/docs/advanced/security/tls/+page.markdoc new file mode 100644 index 0000000000..cfc7eb7510 --- /dev/null +++ b/src/routes/docs/advanced/security/tls/+page.markdoc @@ -0,0 +1,16 @@ +--- +layout: article +title: TLS +description: Appwrite helps keep the web secure by generating TLS (Transport Layer Security) certificates for all user and generated domains on Appwrite Cloud. +--- +Appwrite uses [Let's Encrypt](https://letsencrypt.org/) to auto-generate TLS certificates to ensure your API traffic is appropriately encrypted. +Let's Encrypt is an open source and not-for-profit certificate authority provided by the Internet Security Research Group (ISRG) used to +encrypt more than 363 million websites. + +TLS certificates are generated for all of the following. +- Appwrite products and endpoints, like Databases, Storage, Authentication, Functions, Messaging, and all other endpoints. +- [Custom domains](/docs/advanced/platform/custom-domains) that you configure for your Appwrite projects. +- [Domains for Appwrite Functions](/docs/products/functions/deployment#domains), generated or user provided. + +TLS certificates are crucial to ensure all connections between your apps and Appwrite Cloud are encrypted. +This protects your users from attack vectors like man-in-the-middle and eavesdropping attacks. diff --git a/src/routes/docs/products/auth/security/+page.markdoc b/src/routes/docs/products/auth/security/+page.markdoc index 4d9a3e0b3d..5fc6fed093 100644 --- a/src/routes/docs/products/auth/security/+page.markdoc +++ b/src/routes/docs/products/auth/security/+page.markdoc @@ -33,21 +33,4 @@ Appwrite uses a [permissions model](/docs/advanced/platform/permissions) coupled With all Appwrite services, including databases and storage, access is granted at the collection, bucket, document, or file level. These permissions are enforced for client SDKs and server SDKs when using JWT, but are ignored when using a server SDK with an API key. -# Password history {% #password-history %} - -Password history prevents users from reusing recent passwords. This protects user accounts from security risks by enforcing a new password every time it's changed. - -Password history can be enabled in the Auth service's **Security** tab on the Appwrite Console. You can choose how many previous passwords to remember up to a maximum of 20 and block users from reusing them. - -# Password dictionary {% #password-dictionary %} - -Password dictionary protects users from using bad passwords. It compares the user's password to the [10,000 most common passwords](https://github.com/danielmiessler/SecLists/blob/master/Passwords/Common-Credentials/10k-most-common.txt) and throws an error if there's a match. Together with [rate limits](/docs/advanced/platform/rate-limits), password dictionary will significantly reduce the chance of a malicious actor from guessing user passwords. - -Password dictionary can be enabled in the Auth service's **Security** tab on the Appwrite Console. - -# Personal data {% #personal-data %} - -Encourage passwords that are hard to guess by disallowing users to pick passwords that contain personal data. -Personal data includes the user's name, email, and phone number. - -Disallowing personal data can be enabled in the Auth service's **Security** tab on the Appwrite Console. \ No newline at end of file +{% partial file="auth-security.md" /%} \ No newline at end of file diff --git a/src/routes/docs/references/+page.markdoc b/src/routes/docs/references/+page.markdoc index c7f75eff9d..51999eddbd 100644 --- a/src/routes/docs/references/+page.markdoc +++ b/src/routes/docs/references/+page.markdoc @@ -51,4 +51,4 @@ Utility APIs to customize your app based on your users' location. {% cards_item href="/docs/references/cloud/client-web/avatars" title="Avatars" %} Complete everyday tasks related to your app image, icons, and avatars. {% /cards_item %} -{% /cards %} +{% /cards %} \ No newline at end of file diff --git a/src/routes/docs/sdks/+page.markdoc b/src/routes/docs/sdks/+page.markdoc index 371744a283..024cb4baea 100644 --- a/src/routes/docs/sdks/+page.markdoc +++ b/src/routes/docs/sdks/+page.markdoc @@ -115,17 +115,21 @@ We are always looking to add new SDKs to our platform. If the SDK you are lookin Appwrite supports multiple API protocols for maximum flexibility and developer convenience. You can learn more about how to integrate directly with them using one of the following available guides: -{% arrow_link href="/docs/apis/realtime" %} -Integrate with the Appwrite Realtime API -{% /arrow_link %} +{% cards %} +{% cards_item href="/docs/apis/realtime" title="Realtime API" %} +Integrate with the Appwrite Realtime API +{% /cards_item %} + +{% cards_item href="/docs/apis/rest" title="REST API" %} +Integrate with the Appwrite REST API +{% /cards_item %} + +{% cards_item href="/docs/apis/graphql" title="GraphQL API" %} +Integrate with the Appwrite GraphQL API +{% /cards_item %} +{% /cards %} -{% arrow_link href="/docs/apis/rest" %} -Integrate with the Appwrite REST API -{% /arrow_link %} -{% arrow_link href="/docs/apis/graphql" %} -Integrate with the Appwrite GraphQL API -{% /arrow_link %} # Community {% #community %} If you have created your own framework or any other technology specific integration and would like us to list it here please [contact us](/contact-us). diff --git a/static/images/docs/advanced/security/activity.png b/static/images/docs/advanced/security/activity.png new file mode 100644 index 0000000000..9dc7517733 Binary files /dev/null and b/static/images/docs/advanced/security/activity.png differ diff --git a/static/images/docs/advanced/security/dark/activity.png b/static/images/docs/advanced/security/dark/activity.png new file mode 100644 index 0000000000..84d89521a7 Binary files /dev/null and b/static/images/docs/advanced/security/dark/activity.png differ diff --git a/static/images/docs/advanced/security/dark/dpa.png b/static/images/docs/advanced/security/dark/dpa.png new file mode 100644 index 0000000000..0f2edcbf90 Binary files /dev/null and b/static/images/docs/advanced/security/dark/dpa.png differ diff --git a/static/images/docs/advanced/security/dpa.png b/static/images/docs/advanced/security/dpa.png new file mode 100644 index 0000000000..a31eeb137f Binary files /dev/null and b/static/images/docs/advanced/security/dpa.png differ