Security Guide

Best practices for securing your RedHarmony installation.

API Security

Reddit API Security

  • Use environment variables for credentials
  • Create a dedicated Reddit account for bot usage
  • Use minimal required permissions
  • Regularly rotate passwords and API keys

OpenAI API Security

  • Store API keys securely in environment variables
  • Monitor API usage and set limits
  • Use organization-level API keys when possible
  • Implement rate limiting

Data Protection

Database Security

import logging
import sqlite3

logger = logging.getLogger(__name__)

# Implement secure database connection
def get_secure_db_connection():
    try:
        conn = sqlite3.connect(
            "reddit_bot.db",
            timeout=30,
            isolation_level='EXCLUSIVE'
        )
        # Enable foreign key support (SQLite leaves it off by default)
        conn.execute("PRAGMA foreign_keys = ON")
        return conn
    except sqlite3.Error as e:
        logger.error(f"Database error: {e}")
        return None

Credential Management

  • Never commit .env files
  • Use .gitignore to exclude sensitive files
  • Implement secure credential rotation
  • Log access attempts

Compliance

Reddit Compliance

  • Follow Reddit's API terms of service
  • Implement proper rate limiting
  • Respect subreddit rules
  • Monitor for policy changes

Bot Behavior

  • Implement natural delays
  • Avoid spam-like behavior
  • Monitor interaction patterns
  • Implement safety checks

Monitoring

Activity Logging

import json
from datetime import datetime

def log_activity(activity_type, details):
    logger.info(f"Activity: {activity_type}")
    logger.debug(f"Details: {details}")

    # Save to database; get_secure_db_connection (above) returns None on failure
    conn = get_secure_db_connection()
    if conn is None:
        logger.error("Activity not persisted: no database connection")
        return
    try:
        cursor = conn.cursor()
        cursor.execute(
            "INSERT INTO activity_log (type, details, timestamp) VALUES (?, ?, ?)",
            (activity_type, json.dumps(details), datetime.now().isoformat())
        )
        conn.commit()
    finally:
        conn.close()

Alert System

# is_suspicious (the detection rule) and notify_admin (the notification
# channel) are supplied by the deployment; the guide does not define them here.
def alert_on_suspicious_activity(activity):
    if is_suspicious(activity):
        notify_admin(
            subject="Suspicious Activity Detected",
            body=f"Activity: {activity}"
        )
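A candidate is_suspicious for the Alert System above, covering the Bot Behavior checks (natural delays, spam-like reposting, interaction rate). This is an added example, not RedHarmony's code: it evaluates the newest activity against its recent context from activity_log, so the caller passes a list of records rather than a single one, and the record shape and thresholds are assumptions.

```python
from datetime import datetime, timedelta

# Thresholds are constructed for illustration; tune them to your bot's policy.
MAX_ACTIONS_PER_HOUR = 20               # more than this in an hour reads as automated
MIN_SECONDS_BETWEEN = 45                # "natural delay" floor between consecutive actions
DUPLICATE_WINDOW = timedelta(hours=24)  # identical text reposted inside this window

def is_suspicious(history):
    """Return the reasons the newest record in `history` looks spam-like ([] if none).

    Each record is a dict with "subreddit", "text" and "timestamp" (ISO 8601): an
    assumed shape for what log_activity stores in `details`, not RedHarmony's schema.
    """
    if not history:
        return []
    events = sorted(((datetime.fromisoformat(a["timestamp"]), a) for a in history),
                    key=lambda e: e[0])
    now, current = events[-1]
    reasons = []
    # 1. Burst rate: actions in the trailing hour, including this one.
    recent = [e for e in events if now - e[0] <= timedelta(hours=1)]
    if len(recent) > MAX_ACTIONS_PER_HOUR:
        reasons.append(f"rate: {len(recent)} actions in the last hour")
    # 2. Natural delay: the gap from the previous action is below the floor.
    if len(events) >= 2:
        gap = (now - events[-2][0]).total_seconds()
        if gap < MIN_SECONDS_BETWEEN:
            reasons.append(f"delay: only {gap:.0f}s since the previous action")
    # 3. Duplicate content: same case/whitespace-normalised text already posted
    #    to the same subreddit inside the window.
    def norm(a):
        return (a.get("subreddit"), " ".join(a.get("text", "").lower().split()))
    for ts, prior in events[:-1]:
        if now - ts <= DUPLICATE_WINDOW and norm(prior) == norm(current):
            reasons.append(f"duplicate: same text posted to r/{current['subreddit']} at {ts.isoformat()}")
            break
    return reasons

def sample_history():
    """Constructed sample: a comment reposted to r/python 30s after the previous action."""
    base = datetime(2024, 1, 1, 12, 0, 0)
    text = "Great point, thanks for sharing!"
    return [
        {"subreddit": "python", "text": text, "timestamp": base.isoformat()},
        {"subreddit": "learnpython", "text": "Try a virtualenv.",
         "timestamp": (base + timedelta(minutes=5)).isoformat()},
        {"subreddit": "python", "text": text.upper(),
         "timestamp": (base + timedelta(minutes=5, seconds=30)).isoformat()},
    ]
```

Feed the returned reasons into notify_admin's body so the alert says which rule fired rather than only that something did.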

Best Practices

  1. Regular Updates

    • Keep dependencies updated
    • Monitor security advisories
    • Update bot behavior rules
    • Review access patterns
  2. Access Control

    • Implement role-based access
    • Log all administrative actions
    • Audit permissions regularly
    • Secure admin interfaces
  3. Error Handling

    • Never expose sensitive data in errors
    • Log security-related errors
    • Implement graceful fallbacks
    • Monitor error patterns