We currently support the latest stable version of PUQcloud Scripts.
| Version | Supported |
|---|---|
| latest | ✅ |
If you discover a security vulnerability in PUQcloud Scripts, please DO NOT open a public issue.
Instead, report it directly and privately to us:
- 📧 Email: support@puqcloud.com
- 🎫 Support Ticket: Create Security Report
Please include as much detail as possible, including:
- Steps to reproduce
- A description of the vulnerability
- Affected script(s) and operating system
- A proof of concept (if possible)
- Impact assessment (data exposure, privilege escalation, etc.)
We will investigate and respond within 3–5 business days.
If confirmed, we will work to release a patch as soon as possible and credit the reporter (optional).
- Root Access: Our scripts require root privileges for system configuration
- Network Security: Scripts download packages and configurations from official sources
- Password Generation: Random secure passwords are generated for database users
- SSL/TLS: All web communications are encrypted with Let's Encrypt certificates
- Review Source Code: Always examine scripts before execution
- Test Environment: Test in development before production deployment
- Backup Data: Create system backups before running installation scripts
- Network Security: Ensure secure network connection during installation
- Change default passwords immediately after installation
- Configure firewall rules appropriate for your environment
- Enable automatic security updates
- Monitor system logs regularly
We prefer coordinated disclosure.
We will not publicly disclose vulnerabilities until a patch is released and users have had reasonable time to update.