Build Factory Operator Cockpit

Operator Frame

Global navigation, page frame, and live control-plane status.

The shell is intentionally persistent: left-side navigation, a shared header, and durable status surfaces remain stable while future workflow views swap in.

Posture

green

TLS

full-strict

Proxy

proxied

Security Posture

TLS, proxy, rate-limiting, and headers

← Back to operations hub

Posture Summary

Overall: green

TLS Modefull-strict
Proxy Modeproxied
DDoS Protectionactive
Rate Limitingactive
Last Verified2026-03-26

Posture Rules

Rule checks (6)

✓ tls-full-strictSSL/TLS mode is Full (Strict)
✓ proxy-mode-onCloudflare proxy mode is active (orange cloud)
✓ ddos-protectionDDoS protection active via Cloudflare proxy
✓ api-cache-bypassAPI routes bypass CDN cache
✓ auth-rate-limitingRate limiting active on /api/auth/*
✓ hstsHSTS enabled with preload

Guidance

Security configuration

Security posture is version-controlled in config/runtime/security-posture.json. Update that file when Cloudflare settings change.

Setup guide: cloudflare-dns-setup.md