b843394d0f
Some checks failed
Deploy to Production / deploy (push) Failing after 46s
Ported and adapted from the BuildMyDiscord SEO setup: - lib/seo.ts — single source for site constants, the FAQ data (shared by the rendered FAQ and the FAQPage schema so they never drift) and JSON-LD builders. - Rich root metadata: title template, keywords, Open Graph, Twitter card, robots directives, canonical. - JSON-LD: Organization + WebSite + SoftwareApplication sitewide, FAQPage on the landing page. No AggregateRating — there are no real reviews yet. - app/robots.ts — allow all, explicit allow-list for AI answer-engine crawlers (GPTBot, ClaudeBot, PerplexityBot, …), disallow private routes. - app/sitemap.ts — every public marketing + docs route. - app/opengraph-image.tsx — monochrome on-brand 1200x630 share card. - app/manifest.ts + public/llms.txt. - Per-page metadata for pricing, changelog, security, privacy, terms, docs, templates and status. - opengraph-image + apple-icon pinned to the edge runtime — next/og crashes during a Node-runtime prerender. Verified: next build passes; /robots.txt, /sitemap.xml, /manifest.webmanifest and /opengraph-image all generate. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
107 lines
4.7 KiB
TypeScript
107 lines
4.7 KiB
TypeScript
import { CodeBlock } from '@/components/code-block';
|
|
import { pageMetadata } from '@/lib/seo';
|
|
import Link from 'next/link';
|
|
|
|
export const metadata = pageMetadata({
|
|
title: 'Security',
|
|
description:
|
|
'How BuildMyMCPServer secures your MCP servers — per-server Docker isolation, AES-256-GCM encrypted secrets, OAuth 2.1 and a hardened control plane.',
|
|
path: '/security',
|
|
});
|
|
|
|
const PILLARS = [
|
|
{
|
|
title: 'Per-server isolation',
|
|
body: 'Every customer MCP server runs in its own Docker container. No shared process, no shared filesystem, no shared memory. One server compromised does not affect any other.',
|
|
},
|
|
{
|
|
title: 'Encrypted secrets',
|
|
body: 'API keys and credentials are AES-256-GCM encrypted at rest in Postgres with a 32-byte key sourced from env. Decryption happens only at the moment of container ENV injection. Plaintext is never logged.',
|
|
},
|
|
{
|
|
title: 'OAuth 2.1, no API keys for end users',
|
|
body: 'Every generated server is an OAuth 2.1 Resource Server. PKCE, Dynamic Client Registration (RFC 7591), Resource Indicators (RFC 8707), RS256-signed JWTs. Short-lived, audience-bound, replay-resistant.',
|
|
},
|
|
{
|
|
title: 'No token passthrough',
|
|
body: "When a tool calls a downstream API, it uses its own server-side credentials — not the user's OAuth token. Tokens never leak across trust boundaries. This is mandated by the MCP authorization spec.",
|
|
},
|
|
{
|
|
title: 'Static security checks',
|
|
body: 'Every LLM-generated tool body is scanned for banned patterns (eval, new Function, child_process) before Docker build. Prompt-injection markers like "ignore previous instructions" also trip the check. Build fails fast, no risky code ships.',
|
|
},
|
|
{
|
|
title: 'Container hardening',
|
|
body: 'Production containers run with --read-only, --cap-drop=ALL, --security-opt=no-new-privileges, CPU and memory limits. Network egress can be restricted to whitelisted domains per server.',
|
|
},
|
|
{
|
|
title: 'Audit log',
|
|
body: 'Every privileged action — login, logout, server create/iterate/delete — is recorded with IP, timestamp, user, and metadata. Available via /audit for Team-and-above orgs.',
|
|
},
|
|
{
|
|
title: 'Rate limiting',
|
|
body: 'Default 100 requests/min/IP per tool, enforced at the Traefik layer before traffic ever reaches your container.',
|
|
},
|
|
];
|
|
|
|
export default function Security() {
|
|
return (
|
|
<div className="mx-auto max-w-3xl px-6 py-16">
|
|
<header className="mb-12">
|
|
<div className="text-[11px] uppercase tracking-[0.16em] text-[--color-fg-subtle]">
|
|
Security posture
|
|
</div>
|
|
<h1 className="mt-2 text-[32px] font-semibold tracking-tight">
|
|
Built like infrastructure.
|
|
</h1>
|
|
<p className="mt-3 text-[14px] leading-relaxed text-[--color-fg-muted]">
|
|
We host code generated by an LLM, on behalf of customers, that exposes their internal APIs
|
|
to AI clients. The threat model is real. Here is what we do about it.
|
|
</p>
|
|
</header>
|
|
|
|
<div className="space-y-6">
|
|
{PILLARS.map((p) => (
|
|
<section key={p.title} className="panel p-5">
|
|
<h2 className="text-[14px] font-semibold tracking-tight">{p.title}</h2>
|
|
<p className="mt-2 text-[13px] leading-relaxed text-[--color-fg-muted]">{p.body}</p>
|
|
</section>
|
|
))}
|
|
</div>
|
|
|
|
<section className="mt-12">
|
|
<h2 className="text-[18px] font-semibold tracking-tight">Disclosure</h2>
|
|
<p className="mt-2 text-[13.5px] leading-relaxed text-[--color-fg-muted]">
|
|
Found a vulnerability? Email{' '}
|
|
<a
|
|
className="text-[--color-accent] underline"
|
|
href="mailto:security@buildmymcpserver.com"
|
|
>
|
|
security@buildmymcpserver.com
|
|
</a>{' '}
|
|
with a clear reproduction. We respond within 48h. We do not run a paid bounty yet, but we
|
|
will credit you publicly in the changelog (or anonymously if you prefer).
|
|
</p>
|
|
<div className="mt-4">
|
|
<CodeBlock
|
|
label="pgp"
|
|
code={`Key fingerprint published at buildmymcpserver.com/.well-known/security.txt`}
|
|
/>
|
|
</div>
|
|
</section>
|
|
|
|
<section className="mt-12">
|
|
<h2 className="text-[18px] font-semibold tracking-tight">Compliance roadmap</h2>
|
|
<p className="mt-2 text-[13.5px] leading-relaxed text-[--color-fg-muted]">
|
|
SOC 2 Type I is targeted for Q4 2026. The GDPR posture is described in our{' '}
|
|
<Link href="/privacy" className="text-[--color-accent] underline">
|
|
privacy policy
|
|
</Link>
|
|
. If you need a DPA or other contracts ahead of SOC 2, reach out — Team and Enterprise
|
|
customers get one on request.
|
|
</p>
|
|
</section>
|
|
</div>
|
|
);
|
|
}
|