Security

Invoice workflow with visible security controls.

diginaized Invoice Pro is built as a focused SaaS workflow: private secrets outside public_html, encrypted sensitive data at rest, hardened sessions, CSRF protection, Stripe-hosted billing, account data export and deletion controls.

  • Private config: Secrets outside public_html; app fails closed if missing.
  • Encryption: Sodium or OpenSSL AES-256-GCM, with field-level migration support.
  • Stripe: Hosted checkout and signature-verified webhook processing.
  • Control: Data export, deletion path, account 2FA and admin audit trail.

Private configuration

Production secrets are loaded from a private Hostinger-safe config location outside public_html. The public app refuses to run if that private config is missing or public.

  • Private config loader
  • No bundled production secrets
  • Placeholder detection
  • Fails closed when required database values are missing

Encryption at rest

Supported sensitive fields are encrypted before storage using the configured private data key. The runtime supports Sodium when available and OpenSSL AES-256-GCM fallback when Sodium is not exposed by the host.

  • 2FA seeds encrypted
  • Client private fields encrypted
  • Business Profile private fields encrypted
  • Invoice and recurring payload encryption

Account protection

Customer accounts support authenticator-app two-step verification, hashed recovery codes, rate-limited login/security flows, password policy checks and security activity logging.

  • Authenticator-app 2FA
  • Recovery codes are hashed
  • Password hashing with PASSWORD_DEFAULT
  • Security change notifications

Admin protection

The private admin area is noindex, login-gated, audited and now has an admin 2FA setup path plus a private-config flag for requiring admin MFA before launch.

  • Admin audit log
  • Admin 2FA migration
  • Admin security page
  • Optional ADMIN_MFA_REQUIRED launch lock

Payment handling

Subscriptions run through Stripe Checkout and the Stripe billing portal. Webhook events are signature-verified and processed idempotently; card details are not stored by diginaized.

  • Stripe-hosted checkout
  • Webhook signature verification
  • Idempotent event recording
  • No card storage in the app
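
The webhook handling described above, as an added example in PHP (not diginaized's own code): it checks the `Stripe-Signature` header using Stripe's documented scheme and lets a primary key make event recording idempotent. The function names, the `stripe_events` table, the SQLite `INSERT OR IGNORE` syntax (requires the pdo_sqlite extension) and the 300-second tolerance are assumptions for illustration.

```php
<?php
declare(strict_types=1);
// Added example; function and table names are hypothetical, sample values are constructed.
function verify_stripe_signature(string $payload, string $header, string $secret, int $now, int $tolerance = 300): bool
{
    $timestamp = null;
    $signatures = [];
    foreach (explode(',', $header) as $part) {
        $kv = explode('=', trim($part), 2);
        if (count($kv) !== 2) { continue; }
        if ($kv[0] === 't' && ctype_digit($kv[1])) {
            $timestamp = (int) $kv[1];
        } elseif ($kv[0] === 'v1') {
            $signatures[] = $kv[1];
        }
    }
    // Reject a missing or stale timestamp so a captured request cannot be replayed later.
    if ($timestamp === null || abs($now - $timestamp) > $tolerance) {
        return false;
    }
    // Stripe signs "<timestamp>.<raw body>" with HMAC-SHA256 under the endpoint secret.
    $expected = hash_hmac('sha256', $timestamp . '.' . $payload, $secret);
    foreach ($signatures as $sig) {
        if (hash_equals($expected, $sig)) { // constant-time comparison
            return true;
        }
    }
    return false;
}

function record_event_once(PDO $db, string $eventId): bool
{
    // The primary key on event_id makes the insert itself the idempotency check.
    $stmt = $db->prepare('INSERT OR IGNORE INTO stripe_events (event_id) VALUES (?)');
    $stmt->execute([$eventId]);
    return $stmt->rowCount() === 1; // false means this event was already recorded
}

// Constructed sample input: secret, payload and timestamp are made up for the demo.
$secret  = 'whsec_constructed_example';
$payload = '{"id":"evt_constructed_1","type":"invoice.paid"}';
$now     = 1700000000;
$header  = 't=' . $now . ',v1=' . hash_hmac('sha256', $now . '.' . $payload, $secret);
$db = new PDO('sqlite::memory:');
$db->exec('CREATE TABLE stripe_events (event_id TEXT PRIMARY KEY)');
var_dump(verify_stripe_signature($payload, $header, $secret, $now));       // untouched request
var_dump(verify_stripe_signature($payload . ' ', $header, $secret, $now)); // altered body
var_dump(verify_stripe_signature($payload, $header, $secret, $now + 900)); // stale timestamp
var_dump(record_event_once($db, 'evt_constructed_1'));                     // first delivery
var_dump(record_event_once($db, 'evt_constructed_1'));                     // redelivery
```

The signature must be computed over the raw request body exactly as received; re-encoding the JSON before hashing changes the bytes and makes valid events fail verification.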

Browser and transport controls

The public upload includes HTTPS redirects, HSTS, CSP, X-Content-Type-Options, frame protections, noindex secure document links and service-worker safeguards for private routes.

  • HSTS and CSP headers
  • CSRF protection
  • Noindex document links
  • Private account routes excluded from service-worker caching

FAQ

Questions before you start

Does diginaized store payment card data?

No. Subscription checkout and billing portal flows are handled by Stripe. diginaized stores subscription status and related identifiers, not raw card details.

Is every possible field encrypted?

No public SaaS should overclaim. The app encrypts supported high-sensitivity fields and document payloads at rest, while passwords and recovery codes are one-way hashed. Some operational records still remain readable for support, audit and legal obligations.

Does encryption replace good backups and access control?

No. The encryption key must remain private and backed up. Hosting account security, file permissions, WAF, monitoring and database backups remain operational requirements.

Ready to create an invoice?

Use the free tool now, then upgrade later if you need Business Profiles, saved clients, reusable templates, recurring workflows, Pro styles and branding removal.