This project tracks the latest version of Beszel. Security updates are applied by updating to the newest Beszel release.

If you discover a security vulnerability in Beszel itself, please report it directly to the upstream project:

• Repository: henrygd/beszel
• Security Policy: See Beszel's Security Policy

If you find a security issue specific to this Dokku deployment configuration (Dockerfile, scripts, or deployment process), please report it by:

1. DO NOT open a public issue
2. Contact me privately via:
   • GitHub Security Advisories (preferred)
   • Or open a private issue if available

• Description of the vulnerability
• Steps to reproduce the issue
• Potential impact
• Suggested fix (if any)

When using this deployment:

1. Keep Updated: Run ./update.sh regularly to stay current with Beszel releases
2. Review Changes: Check the Beszel release notes before updating
3. Secure Your Dokku Instance:
   • Use HTTPS/TLS certificates
   • Keep Dokku and host system updated
   • Follow Dokku security best practices
4. Limit Access: Restrict SSH and administrative access to your Dokku server
5. Monitor Logs: Regularly review application and system logs

Security updates are delivered through:

• Upstream Beszel releases
• Updates to this repository's Dockerfile or deployment scripts

The update.sh script automates the process of pulling and deploying the latest Beszel version.

Security vulnerabilities in Beszel core should be credited to the upstream maintainers.