docs: update documentation with security enhancements

Updated CLAUDE.md and README.md to document security features: **CLAUDE.md updates:** - Expanded Traefik section with security architecture details - Added Security Configuration section with detailed guides - Documented HTTP Basic Auth setup and credential management - Added security testing commands and procedures - Included TLS/header configuration instructions **README.md updates:** - Enhanced PROTOCOLS & SECURITY section - Added TLS 1.2+ and cipher suite information - Listed security headers (HSTS, X-Frame-Options, etc.) - Documented HTTP Basic Auth and rate limiting - Updated access control list Documentation now reflects all security hardening applied to Traefik reverse proxy and service authentication. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
2025-11-04 23:24:00 +01:00
parent b420f1d4bf
commit 3fea585782
2 changed files with 72 additions and 6 deletions
--- a/README.md
+++ b/README.md
@@ -202,14 +202,23 @@ THE FALCON (falcon_network)
 🔐 ENCRYPTION STANDARD
 ├─ All transmissions encrypted via HTTPS
 ├─ Let's Encrypt quantum certificates
-├─ Traefik middleware compression active
-└─ CORS shields configured per sector
+├─ TLS 1.2+ with strong cipher suites only
+├─ HSTS enabled (1-year, preload ready)
+└─ SNI strict mode enforced

-🛡️ ACCESS CONTROL
+🛡️ SECURITY HEADERS
+├─ X-Frame-Options: SAMEORIGIN
+├─ X-XSS-Protection enabled
+├─ Content-Type-Options: nosniff
+├─ Referrer-Policy configured
+└─ Permissions-Policy restrictions
+
+🔒 ACCESS CONTROL
 ├─ Admin credentials in .env vault
 ├─ Database authentication: scram-sha-256
-├─ VPN cloaking device enabled
-└─ Email verification for new recruits
+├─ HTTP Basic Auth on sensitive endpoints
+├─ Rate limiting available (100 req/s)
+└─ VPN cloaking device enabled
 ```

 ---