Digiscreen is used in classroom environments and is often exposed to untrusted participant traffic. Harden moderation and restrict the creation and management endpoints.
1) Protect facilitator and admin functions
- Restrict admin access to trusted staff accounts.
- Disable public management interfaces for classroom sessions.
- Rotate credentials used by shared classroom devices.
- Log session creation and moderation actions.
- Apply reverse-proxy rate limits to interaction endpoints.
- Use request size limits to reduce payload abuse.
- Restrict unauthenticated creation flows when not required.
- Remove stale public session links after class events.
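The rate-limit, request-size and management-access items above can be enforced at the reverse proxy. The following nginx configuration is an added example, not part of the Digiscreen project or its documentation. The hostname, upstream address, certificate paths, staff subnet and management path are assumptions or placeholders to replace with your own values.

```nginx
# Added example, not from the Digiscreen project. Hostname, upstream address,
# certificate paths, staff subnet and management path are placeholders.

# Per-client-IP request budget, shared by all worker processes (10 MB zone).
limit_req_zone $binary_remote_addr zone=digiscreen_clients:10m rate=5r/s;

server {
    listen 80;
    server_name digiscreen.example.org;
    # No plaintext service: redirect every request to HTTPS.
    return 301 https://$host$request_uri;
}

server {
    listen 443 ssl;
    server_name digiscreen.example.org;
    ssl_certificate     /etc/ssl/PLACEHOLDER/fullchain.pem;
    ssl_certificate_key /etc/ssl/PLACEHOLDER/privkey.pem;

    # Cap request bodies; larger requests get 413 before reaching the app.
    client_max_body_size 1m;

    # Throttled clients receive 429 instead of the default 503.
    limit_req_status 429;

    location / {
        limit_req zone=digiscreen_clients burst=20 nodelay;
        proxy_pass http://127.0.0.1:8080;   # assumed local upstream
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header X-Forwarded-Proto https;
    }

    # Management interface: staff network only. The path is a placeholder;
    # use whatever your deployment actually exposes.
    location /MANAGEMENT-PATH-PLACEHOLDER/ {
        allow 10.0.0.0/24;   # assumed staff subnet
        deny  all;
        limit_req zone=digiscreen_clients burst=5 nodelay;
        proxy_pass http://127.0.0.1:8080;
        proxy_set_header Host $host;
    }
}
```

A classroom often shares one public IP address, so size `rate` and `burst` for a whole class rather than a single user. After rollout, review the access log for 429 and 413 responses to confirm the limits are not blocking normal sessions.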
3) Harden runtime and updates
- Deploy behind HTTPS only.
- Keep runtime dependencies patched from upstream.
- Restrict filesystem write permissions to required paths.
- Back up and verify restoration of configuration data.
- Digiscreen project page: https://ladigitale.dev/digiscreen/
- Digiscreen source repository: https://codeberg.org/ladigitale/digiscreen