Security overview
Last updated: May 7, 2026
Hosting
ReproRemind runs on AWS (us-east-1). Application servers, databases, and file storage are all inside a private VPC; the database is not exposed to the internet.
Encryption
- In transit: HTTPS / TLS 1.2+ for every request, including admin and webhooks.
- At rest: encrypted EBS volumes for database storage; encrypted S3 buckets for uploaded photos.
- Sensitive credentials (Stripe, Twilio, AWS) are stored in AWS Secrets Manager.
Authentication
- Passwords are hashed with bcrypt; we never store plaintext.
- Email verification is required before dashboard access.
- Two-factor authentication (TOTP) is available on /settings/security.
- Failed-login throttling and password-reset rate limits are enabled.
Multi-tenant isolation
- Every domain-scoped query is filtered by domain_id at the model layer (BelongsToDomain global scope).
- Cross-tenant access is blocked at the route, action, and model layers; we have explicit tests verifying isolation.
- Vets and repro experts can only see domains for which they hold an active consultant invitation.
Webhook integrity
Twilio inbound webhooks are signature-validated using the X-Twilio-Signature header before any state change (e.g., SMS opt-out). Stripe webhooks are signature-validated similarly.
Backups
Database snapshots run daily and are retained for 30 days. Point-in-time recovery is enabled. We test restores quarterly.
Reminder links
Public reminder links carry a token plus a minimal summary payload only. They never expose authenticated cow records, vet notes, or health details. Sensitive actions (mark task done, edit data) require sign-in.
Reporting a vulnerability
If you find a security issue, please email security@reproremind.test. We respond within 1 business day, do not pursue action against good-faith research, and credit reporters who request it.