adding readme with security info

README.md

@@ -0,0 +1,20 @@
+# xmrauctions
+
+I'll be filling this in over the following days. Stay tuned.
+
+## Security Go-Live Checklist
+
+In no particular order, nice to haves, and should likely haves:
+
+- [ ] Bad bot spam prevention (fail2ban)
+- [ ] DDoS mitigation
+- [ ] Secrets in SSM with env setting
+- [ ] Email spam prevention
+- [ ] Cloudtrail configured all regions
+- [ ] Web server access logs syncing to S3
+- [ ] Log rotate on access logs
+- [ ] Security ELK dashboard
+- [ ] Malicious Image upload abuse prevention
+- [ ] SES metric alarms
+- [ ] Budget alarms
+- [ ] Unit Tests