Email Delivery Monitoring
Monitor admin notifications and customer confirmations from Gmail. Failed email should not block database persistence.
IN_PROGRESS · MEDIUM
Trust Layer
A public view of access, backup, compliance, and operational security practices. Internal security checks can be managed in admin and summarized here.
Monitor admin notifications and customer confirmations from Gmail. Failed email should not block database persistence.
IN_PROGRESS · MEDIUM
Review active redirect records monthly so old campaign links resolve correctly and no unsafe destination is published.
PENDING · MEDIUM
Contact, support, and newsletter endpoints validate required fields and normalize email or priority before saving records.
PASSED · MEDIUM
Confirm Supabase backup policy, recovery window, and export process before major data or schema changes.
IN_PROGRESS · HIGH
DATABASE_URL, DIRECT_URL, NEXTAUTH_SECRET, NEXTAUTH_URL, Gmail credentials, and ADMIN_PASSWORD are managed through Vercel environment variables for production.
PASSED · CRITICAL
Admin routes require a valid NextAuth session. User roles are stored in the database and admin operations assert a server-side session before mutations.
PASSED · HIGH