# xmrauctions

I'll be filling this in over the following days. Stay tuned.

## Security Go-Live Checklist

In no particular order, nice to haves, and should likely haves:

- [ ] Bad bot spam prevention (fail2ban)
- [ ] DDoS mitigation
- [ ] Secrets in SSM with env setting
- [ ] Email spam prevention
- [ ] Cloudtrail configured all regions
- [ ] Web server access logs syncing to S3
- [ ] Log rotate on access logs
- [ ] Security ELK dashboard
- [ ] Malicious Image upload abuse prevention
- [ ] SES metric alarms
- [ ] Budget alarms
- [ ] Unit Tests
- [ ] DB backups