Security Whitepaper
A practical overview of InstaTunnel security controls, architecture, and operational safeguards.
Scope
This whitepaper covers currently deployed controls and practices. It is a living document aligned with production rollout and admin audit capabilities.
Architecture and data flow
- Edge ingress through an Nginx reverse proxy with controlled upstream routing.
- Application components run as isolated Docker services (web, server, db, redis).
- Tunnel request flow includes policy checks before forwarding to local client connections.
- Protected admin and API endpoints are separated from public tunnel traffic paths.
Identity and access controls
- Email verification and API key authentication for user account access.
- Admin authentication boundary for operational endpoints.
- Organization team model with role and scope controls.
- SSO configuration foundation for enterprise org access policy.
Monitoring and auditability
- Security auto-actions and suspicious pattern logs in admin activity.
- Organization audit events for admin and compliance operations.
- Traffic policy block events for deny/rate-limit enforcement visibility.
- CSV export support for audit review and evidence packaging.
Resilience and recovery
- Full restore tarball backups with verified checksums before release batches.
- Disk watchdog and safe prune scripts to prevent deployment failures from low space.
- Pre-deploy env fingerprint checks to prevent accidental critical config drift.
- Nginx restart rule after server rebuilds to avoid stale upstream mapping.
Shared responsibility
InstaTunnel secures platform infrastructure and control-plane behavior. Customers remain responsible for local app security, secret handling in source code, and endpoint-specific business logic validation.
For customer-facing policy hardening, use Traffic Policies and the webhook signature verification guidance in Webhook Guides.
FAQ
Does InstaTunnel support encryption in transit?
Yes. TLS for public traffic is terminated at the edge reverse proxy layers. Internal service traffic is network-restricted within the production deployment stack.
How is authentication handled?
User access relies on API key and account verification workflows. Admin APIs require admin authentication and protected session/token handling.
How are security events retained?
Security-relevant actions are logged in admin activity and organization audit events. Logs are queryable and exportable for review and compliance evidence.