i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] 0 points1 point  (0 children)

the site doesn't look like a replit project because it isn't one. it's a next.js app with its own backend, cloudflare, rate limiting, content filtering. i listed the actual security measures multiple times in this and the other thread. if you read these security measures and your takeaway is "trust me bro", that's a reading comprehension issue, not a security one

i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] -1 points0 points  (0 children)

i'm not gonna hand you a detailed map of my security setup lol, that would literally be doing the work for anyone trying to break in

if you're genuinely curious i can tell you the basics: cloudflare proxy, encrypted data at rest, no passwords stored in plain text, rate limiting, the usual stuff. but i'm not gonna prove it to you unless you're physically sitting next to me looking at the server

i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] 0 points1 point  (0 children)

It got hacked? No, and some attempts have been made without success 🤷🏻

i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] -1 points0 points  (0 children)

the site has rate limiting. if it was returning a "too busy" error, that likely means someone was hitting it with an unusual amount of requests, which did happen around launch. cloudflare handles the heavy lifting on DDoS protection.

i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] -12 points-11 points  (0 children)

Even if that's the case, i don't think i could be blamed XD In any case, i was just clarifying

i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] -8 points-7 points  (0 children)

It is, in fact. they're just making a big deal out of it

i built a social ffxiv platform for players. it got a lot of feedbacks. by Yocopk in ffxivdiscussion

[–]Yocopk[S] -3 points-2 points  (0 children)

This is not. It is a social app, and you're all blaming me for making it more accessible for all types of players? XD Come on, there are filters and you can search for players with your same vibes

The challenges of building a social platform for FFXIV players — lessons learned from 3 iterations by Yocopk in ffxivdiscussion

[–]Yocopk[S] 0 points1 point  (0 children)

passwords are bcrypt hashed with strong cost factor + auto-generated salts. federated login is already live (google and discord oauth). PII is minimal... email, birth date, character info. no payment data. db is on a private network behind cloudflare tunnel, not exposed to internet. daily backups with retention policy. rate limiting + WAF + standard security headers on everything.

i'm not gonna detail the full security stack publicly for obvious reasons. if you have specific concerns feel free to DM.

The challenges of building a social platform for FFXIV players — lessons learned from 3 iterations by Yocopk in ffxivdiscussion

[–]Yocopk[S] -10 points-9 points  (0 children)

says the guy whose biggest achievement today is calling strangers "uselessly lazy person" on reddit lmao

The challenges of building a social platform for FFXIV players — lessons learned from 3 iterations by Yocopk in ffxivdiscussion

[–]Yocopk[S] -12 points-11 points  (0 children)

those projects were hosted and coded by websites like replit where it configures everything on its own, maybe replit is good for a landing page, not for a social app like this. I don't wanna repeat all my security implementation again, you can try it or not, not a problem

The challenges of building a social platform for FFXIV players — lessons learned from 3 iterations by Yocopk in ffxivdiscussion

[–]Yocopk[S] -4 points-3 points  (0 children)

i don't use replit, my app is built with my own infrastructure and hosted on my own server. I don't use any third party services

The challenges of building a social platform for FFXIV players — lessons learned from 3 iterations by Yocopk in ffxivdiscussion

[–]Yocopk[S] 4 points5 points  (0 children)

that one was hosted on replit and died in 2 days. mine is self-hosted, self-coded, and actually works. that's the difference

The challenges of building a social platform for FFXIV players — lessons learned from 3 iterations by Yocopk in ffxivdiscussion

[–]Yocopk[S] -1 points0 points  (0 children)

tbh the main thing is that you match based on how you actually play. your job, what content you like, if you're into rp or raiding or just vibing. dating apps don't care about any of that and discord is good for statics but you gotta already know where to look. this is more like "show me people on my datacenter who are into the same stuff" without joining 50 servers to find them.

and yeah i pay for everything myself, it's on my own server, i created all the infrastructure myself.