🚀 CPE Tracker v2.17.0 – Product Release Notes

Release Date: May 27, 2025

Highlights

• Meilisearch API is now securely deployed behind NGINX with HTTPS, CORS, and advanced security hardening.

• Chrome Extension and website now use a single, secure endpoint for blazing-fast search.

• Fail2Ban is enabled for automated protection against bots and abuse.

• Monitoring and resource alerts are active for proactive server health management.

• All configuration and security decisions are fully documented in a new technical runbook.

• NEW: Chrome extension now features robust, CSP-compliant image fallback—broken or missing course images automatically display a default image, ensuring a seamless user experience.

---

Key Features & Improvements

NGINX Security Hardening:

• Strong SSL/TLS, HSTS, and modern security headers.

• UI access to Meilisearch is blocked for public users.

• CORS is enabled and ready for further restriction.

API Key Security:

• No admin keys are exposed to the public.

• Only read-only keys are used.

Fail2Ban Protection:

• Default and custom jails protect against brute-force, bots, and repeated 403s.

• All internal servers are whitelisted to prevent accidental bans.

Monitoring:

• Monitoring with resource alerts for CPU, RAM, and disk.

• All logs and bans are tracked for future analysis.

Chrome Extension Image Fallback (NEW):

• Images for courses now use a JavaScript-based fallback mechanism.

• If a course image URL is broken or missing, the extension automatically displays a default image.

• Fully compliant with Chrome Extension Content Security Policy (CSP).

Documentation:

• A comprehensive runbook details every technical and security decision for the team.