Security
Security Notes
Static Live Maker includes path traversal protection, conservative content headers, and a configurable in-memory rate limit.
Configuration
Use RATE_LIMIT_MAX, RATE_LIMIT_WINDOW_MS, HOST,
PORT, and PUBLIC_DIR to tune deployment behavior.
Production guidance
Put the app behind a trusted reverse proxy, enable HTTPS, avoid hosting sensitive files, and set stricter rate limits for public deployments.