Linkfire Help Center

Follow

Security

Security is a top priority for Linkfire. We understand that your Linkfire account may contain sensitive data regarding your visitors and marketing operations and we are very protective of it. 
 
This page describes the various security measures we take to protect your data.
 

REPORT A SECURITY CONCERN

Linkfire is serious about security. We encourage anyone to privately and responsibly report possible vulnerabilities and incidents to us so that we can address these issues quickly. Learn How
 

Physical Security

Linkfire uses certified cloud provider data centres. Physical access is strictly controlled both at the perimeter and at building entrance points by professional security staff using video surveillance, state-of-the-art intrusion detection systems, biometric locks and other electronic means. Only authorized personnel have access to the data centers. 
 
For more information, please contact security@linkfire.com.
 

System and Software Security

Linkfire’s system infrastructure is updated regularly with the latest security patches and managed strictly through configuration management tools. All of our servers and containers run hardened, patched operating systems.
 
We are an internal team of engineers who keep our software and its dependencies up-to-date, eliminating potential security vulnerabilities. We carefully audit and test all software components that affect the overall security of the system.
 

Encryption

All data is encrypted in transit using TLS 1.2 and at rest using industry-standard AES-256.
 

Data Security and Backups

All customer data is written to multiple disks instantly in geographically distinct data centres within their respective regions. We use a minimum of three different data centres to store all customer data. We synchronise customer data to multiple locations to remove risk of a single point of data loss.
 

Perimeter Security

As well as using the firewall controls available via our cloud providers, we also employ custom firewall rules on every server to block unauthorized system access. Additionally, we use continuous port scanning to immediately detect any potential misconfigurations within our infrastructure.
 

Employee Access

Employees will not change configurations on your account without prior notification. We strive to pre-announce any changes to the system that will affect your use in any way. Employee access to our infrastructure is strictly limited to engineers who require such access in order to maintain the stability and efficiency of our systems. Access is based upon the principle of least privilege and requires the use of two-factor authentication. All access attempts are logged and multiple failed attempts will cause the relevant users to be locked out.
 

Additional Information

Any further questions can be sent to security@linkfire.com.
 
For more information on how security at Linkfire is aligned with GDPR, read our latest in our GDPR FAQ page.
 

Responsible Disclosure

Linkfire is serious about security. We encourage anyone to privately and responsibly report possible vulnerabilities and incidents to us so that we can address these issues quickly.
 
If you have discovered a security incident or wish to report a vulnerability in our product, please send us an email at security@linkfire.com (use Keybase.io or our PGP key to encrypt any sensitive data). We request that you do not disclose any risks publicly until we have been able to understand the incident and develop a mitigation plan. We’ll be sure to keep all information confidential and work with you to make sure we understand the issue and address it as quickly as possible.
 
All issues reported to the Linkfire Security Team will promptly be addressed.
 
  • We will acknowledge any submission in a timely fashion (usually within 72 hours).
  • We will assess the issue fully. (We may keep this information from the public until the issue is fully addressed to prevent any further risk to Linkfire products.)
  • Once the issue is fully addressed and resolved, we will alert any affected customers.
 
If possible, please send the following information:
  • Steps to reproduce, preferably in txt.
  • Demonstration of the risk, this includes URLs and any parameters.
  • Any relevant details of your system’s configuration, such as any browser or user-agent information.
  • In order to coordinate with our logs, please share your Linkfire account.
  • Please do not send any binary/executable attachments.
  • If the information is sensitive, please encrypt your communication with Keybase or our PGP key.
 
We ask that you use common sense when seeking out security bugs. Do not attempt to compromise other users or accounts on Linkfire or attempt to impact the stability of our infrastructure (Denial of Service attacks, etc). 
 
Vulnerabilities should be disclosed to us privately and we should be given reasonable time to respond.
 
Running security scanning tools tend to create more noise than useful information. While we appreciate research and disclosure, we kindly ask that you do not use scanners to find vulnerabilities.
 
Thank you for working with us.
We respect the talented people that locate security issues and appreciate all efforts to disclose responsibly.
 

Linkfire Security Team Keys

Keybase.io
Keybase.io is our way of proving who we are and our respective keys. You can use it to verify Linkfire’s PGP Key and send us encrypted communications.
PGP
Fingerprint: D830 CC89 409D 7466 DF68  B288 982D 31DD 1F01 60A0
ID: Linkfire 
Key: 4096R/[1F0160A0]
Type: 4096 Bit RSA
                         
-----BEGIN PGP PUBLIC KEY BLOCK-----
 
mQINBFrGKB8BEACo23x9V4RUTYRJHhQEoyEAk3Ttqq88leSdGcnDaDblUmk9DHZY
j8JcC53XOQnqbOKHulIK/iZ0dJiLUnVFAlbKg6eFi5YBwKqIWEmscABZTiU+/Hm3
9Xsm02Vlygt4V1BTS+UtOUb1srcbqzElW711h+r4UyFhNUb08oaCY6TxhuUozzdA
etIwbz8cHp/y2e8VHi5KqsypL3eSoLLOqfWCRa0Es2MkNv884NoA+C5UfHdVfu48
WJU3fROiC7EYfjCtc11UTXHfwptAdKElVA4PSbQFPdHvHpEJNHZ6qBihnUgoEoCo
pqQ1RB4aQGVwTb2JcD8SFUAzxSIHz4F+b8huvsYmDzBMdH7chzLD0geKa0LgaaoS
BAFeP8n01RM18lhW/IlDXY++xIh2dgfPL3Wc1zqvQRkqFsXugcYhoRFxR6dWI00k
Fo4a9GfcY3t5FLsFEkF3sDQmh2VjeGvjNbSCwZa9Yw4vchaDOBJakmvmbZj2P6Lc
KbpwNfSVXdcG4zOIn9SLPqV6G7JCY/HZSFXkI1+2yx51yuxYD2brZFcdzL2kg3Dd
qYUraOQ7osszpCg8NE4rn5upfwjZ8RLp940e/3Rr2j3N99Bd6zE7IPk0vQzxnHID
VVBcXZaL+77g2q+phaeAR1uT4IdOcpNHp0TWGMU7yoDbuQdkjbwdKqN9NQARAQAB
tCBMaW5rZmlyZSA8c2VjdXJpdHlAbGlua2ZpcmUuY29tPokCTgQTAQgAOBYhBNgw
zIlAnXRm32iyiJgtMd0fAWCgBQJaxigfAhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4B
AheAAAoJEJgtMd0fAWCg2NIP/A0DWyYaQaDhF7mia2zHcD+/eQiwZsaLtjbPaR6H
2Ni0g6d4Dfy/S6a9b9IMX/HBBjO5oywedofqCrO2lxfyh9G9Hhk/xURi6lSRwei9
Jetv7AsC8jY9th0hAXupKusm/INZdZ2IGxtU/AA1a/L9g2Wke4+MKdbcS1y3IFF6
Q/Mu9RvGewPm2T3icNTYXMl1lPDnJtiv467A6hXCUr2AgoRTd1/l/yT9bGjD27Lp
6zkwoLe6gh0B+90B3muQnor6Ed21ytYlCdnADpFNa/Xrkmg17mYInCnr4JoM7eXT
+m0qOb6D4mjk7jIHX0YBWeh6EGUGZT4NEXVHZA+LuwX0FN0zurtm42Kcfox/z+mp
RM36P6VBQvp4sKNMWZXwGob/t1LAMD5ZyU4tZrDaE2ehtMz52ec4hzA/tZRp38sR
iiYR9ZBJ0ob2eDMNV7w4kkMpLdNuEaliL+w0SlBOE+LOc03/LXrfS+pMc60+NBAU
BG4jLhpGa2OcTtB9mtSeb6Dztjd6oEJTKjK+pBc+byUG5zEfdHzMz3TrkCThsSyE
lNGk/7lmwU3e/f8Kb5R1SVEU+fH7YrcRTEDXvH7ICc4fTvPdsioU0diKPphCRAM+
8UN4/zo46wfXHNeF2qZXA41phZgGy+MSmiSCkivmN/6FMFEFmU2oDTHrO8f7Zxo9
fZ/euQINBFrGKB8BEAD9S68FnhocbOPkYjcTW+798HupPt9Rt2yaZY5n3IB3C3p2
iEIEut/7QW5APcKTLHM+jogZqeCwZNW8GPdHEioOVg5nmNDLNJSG5STC758xQufn
oeweE4/a5PZ5Mbe95q1qEHRysgTMOJDc+PH5FvK8YghGM6aNGablvXbSGnBJ3l1E
qMco5M+xhiUVql1zovE2U47zCnlT0DdBumqEFzRdeC4tyYXkGEtK+9uHU+nC5GFe
LFaSRpPaNDdyIIgVwcO8Q8lBoP5/htZ7N4DHugFZLG/54dObyFh001MJwfQX/S5T
Y9rl3eQLqn7r+6wNXL062fUYHD/buINGeI7MrMOZK/f4Y4kMwXtA99F2Py5piF8q
fTSwIYgBftxb7jiD6z7VmIOGhPN20Tle4/k4NpCdbc7gf+880uD71W1CuPtE8qiK
6oG6DNv+q7iIV7kaETfrZolYrHVUq95HoA4/IKfHZI6rfOIkIImdMhh7XTwe9rvQ
2fA6TB1xo7x/pXlg0k363PMRscH3L6qUPwUm6v+fhUP9pSdZzd0Vn00weGFAf38w
w1cC2Kkkh2ThgfVh2zTE4qrCFlNy+kYk4DZ30n2GGedrXrUGy93suyUUWQxNR+My
Y4Bg68i1u/uf08+F0eBz8acKV2SHllHC6wIfYTsC0Y1soFjXq7zMlv4bnhFRqQAR
AQABiQI2BBgBCAAgFiEE2DDMiUCddGbfaLKImC0x3R8BYKAFAlrGKB8CGwwACgkQ
mC0x3R8BYKDahw/7B9KpY5gVoEUfbEiROHqlbyBiSHuwFUb2I0unndgoJ2nZhsPB
1Lk8yGY6sSnwTHEuIDrpYFavn20JeYcD1I2KZa35oANQ19D4Q65w+MUfkXxEIQz3
uDsBT2zCajpBQBKyj7nvioJYzVrl9iHqcj4PF8uVYYi7optVWngyX1bah6DuykRX
word7xMf0JAJ9n7jXss+IVWFpImp9+8nprAfObgd1uR+TMd0xg4apUW89Ysk1keB
svfzwTf059nN2utqpfSXJc2AJVBQz7d9EUDJiUTa5Mxn34BK3D0Ihjh18c7XZP1e
XDCwusBbqxdPUowaJNr49SL+ZJk7DoWP4iErIXIJCL415E2nlccXFa6UnIlwIyMk
WT64gofglI1sPKptUdX9+11+ilPvDenCVRnql3tg7rILBRHo2+6wYVpJyNjGs0TC
E+u4LNdKSgVppO7UIVtI6gj2easTauOoxnMNhilbeFm3c8i5+hle+kaW6gq1IPdv
dTm2mtrKVafx6gyovgoP5Ggq/jgVj8jDynk0jYvZp0YZJccCuQQMAwCmg3SOBCUk
KsUWRKFVyk50I9Fl2/fBrQ0L+JgGnzYoYUJq48XRHMEXdpOGAweqavUYAdh2bSKB
5tyo93t5QatpQ1Gl26e4QNtJ8A2t8Fez7afN1G0NzCGTfI8cdFaJGbUrkSk=
=Y1eh
-----END PGP PUBLIC KEY BLOCK-----
Was this article helpful?
0 out of 0 found this helpful