⚙️ Technical Details
- Hand-coded: HTML, CSS, and PHP – no templates, no frameworks
- Typography: LindenHill font (used for headings) embedded locally
- No external dependencies: JS, fonts, images, PDFs, and icons are all local – no third-party requests
- Dark mode by default: simply because I prefer it :)
- Accessibility: Clean semantic HTML structure and good contrast for readability
- Mobile friendly: designed to display well on smartphones and tablets
🔐 Security & Privacy
- HTTPS with HSTS: Encrypted connection enforced via:
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
- .htaccess Access Control:
  - Only specific .php files are publicly accessible; .pdf, .xml, .txt, etc. are blocked by default
  - Directories without index files are protected via Options -Indexes
- Security Headers:
Strict-Transport-Security
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Referrer-Policy: strict-origin-when-cross-origin
Permissions-Policy: geolocation=(), microphone=(), camera=()
- Content-Security-Policy:
Content-Security-Policy: default-src 'self'; script-src 'self'; style-src 'self'; font-src 'self'; img-src 'self'; base-uri 'self'; form-action 'self'; object-src 'none'; frame-ancestors 'none';
- Error Pages: Custom 401, 403, 404, 410, and 500 pages with correct HTTP status codes
- No Cookies & No Tracking: No analytics tools, no data collection
- Well-maintained .htaccess for a secure web experience – for me as the site owner, and for you as the visitor
- Trusted Types: Protection against cross-site scripting (XSS) via strict browser policy for safely handling HTML content (e.g., tooltips)
- Content Security Policy: Prevents unauthorized scripts and third-party resources
- Monitoring & Logging: Server logs and Fail2Ban protect against attacks by automatically banning suspicious IPs
- Regular Backups & Updates: Automated backups and regular updates ensure security and stability
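As an added example (not part of this site's own code), a small Python audit that parses a response's headers and compares them with the header values listed above. The function names and the `WEAK` sample response are constructed for illustration.

```python
EXPECTED = {  # baseline values copied from the headers listed on this page
    "x-frame-options": "DENY",
    "x-content-type-options": "nosniff",
    "referrer-policy": "strict-origin-when-cross-origin",
    "permissions-policy": "geolocation=(), microphone=(), camera=()",
}
EXPECTED_CSP = ("default-src 'self'; script-src 'self'; style-src 'self'; "
                "font-src 'self'; img-src 'self'; base-uri 'self'; "
                "form-action 'self'; object-src 'none'; frame-ancestors 'none';")
MIN_HSTS_AGE = 63072000  # seconds, from the page's HSTS header

def parse_csp(value):
    """Split a CSP header into {directive: set of source expressions}."""
    policy = {}
    for part in value.split(";"):
        tokens = part.split()
        if tokens:  # a repeated directive is ignored: the first one wins
            policy.setdefault(tokens[0].lower(), set(tokens[1:]))
    return policy

def parse_hsts(value):
    """Return (max_age, flags) from a Strict-Transport-Security value."""
    max_age, flags = 0, set()
    for part in value.split(";"):
        name, _, arg = (s.strip().strip('"') for s in part.partition("="))
        if name.lower() == "max-age" and arg.isdigit():
            max_age = int(arg)
        elif name:
            flags.add(name.lower())
    return max_age, flags

def audit(headers):
    """Return findings; an empty list means the response meets the baseline."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    findings = [f"{n}: expected {want!r}, got {h.get(n)!r}"
                for n, want in EXPECTED.items() if h.get(n) != want]
    max_age, flags = parse_hsts(h.get("strict-transport-security", ""))
    if max_age < MIN_HSTS_AGE or not {"includesubdomains", "preload"} <= flags:
        findings.append("strict-transport-security: weaker than baseline")
    got = parse_csp(h.get("content-security-policy", ""))
    for directive, sources in parse_csp(EXPECTED_CSP).items():
        if got.get(directive) != sources:
            findings.append(f"content-security-policy: {directive} differs")
    return findings

# Constructed sample response: framing allowed, short HSTS, inline scripts allowed.
WEAK = {**EXPECTED, "x-frame-options": "SAMEORIGIN",
        "strict-transport-security": "max-age=300",
        "content-security-policy": EXPECTED_CSP.replace(
            "script-src 'self'", "script-src 'self' 'unsafe-inline'")}
```

`audit(WEAK)` returns one finding per regression; feeding it the headers of a live response after each .htaccess change catches a policy that was loosened by accident.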
⚡️ Caching & Performance
- PHP OPcache: for fast script execution by caching compiled PHP code
- Browser caching (static): CSS, JavaScript, images, and fonts are sent with expiry headers to reduce requests and improve load times
🔍 Search Engine Optimization
- robots.txt: Allows only approved content, blocks internal .txt files
- sitemap.xml: Lists only approved pages for indexing
- Meta Information: Titles, descriptions, and OpenGraph tags are correctly maintained
- Simple SEO: No keyword stuffing, no hidden content
📧 Spam-Free Contact
The site uses a server-side PHP script (mailme.php) to enable contact without exposing the email address – no mailto: in the source code.
💡 This website was built with a strong focus on transparency and security. Some of the extreme hardening features are tuned a bit so the site can run the demo for Fail2Ban-Report.