Perplexica combines metasearch, retrieval, and LLM response generation. Security controls should focus on API key protection, untrusted content handling, and controlled outbound traffic.
¶ 1) Secure external provider and search credentials
- Store model and search-provider API keys in protected environment variables.
- Rotate keys on a fixed schedule and after exposure incidents.
- Avoid sharing one key across production and development environments.
- Restrict provider account scopes where possible.
¶ 2) Constrain ingestion and browsing behavior
- Treat remote web content as untrusted input.
- Apply request timeouts and size limits to crawling/retrieval paths.
- Restrict outbound network access to approved domains/providers.
- Log fetch failures and unusual retrieval patterns.
¶ 3) Harden runtime and API exposure
- Publish the app only behind a TLS-enabled reverse proxy.
- Keep internal services and databases private.
- Run containers with least privilege and minimal mounts.
- Patch application and dependencies regularly.
- Perplexica repository and docs: https://github.com/ItzCrazyKns/Perplexica