-
Notifications
You must be signed in to change notification settings - Fork 149
FAQ
It is the result of @zemmiph0bia watching far too much Banana's in Pyjamas as a child. There was a character called 'Rat in a Hat', a dastardly fellow who used to frequently say 'Trust me, I'm a rat'. Ultimately, you store precious things in an attic and usually rats tend to reside in attics. Thus, Rattic.
Early on we decided to eliminate the complexity involved with encrypting passwords in the database on a per-row or per column method. Ultimately doing it this way would have crippled the ability to search, increased the complexity of the codebase and not gained much. This is especially true if you try to store the encryption keys on the users machine and not the server. Eventually we came to the conclusion that it was best to insist that users install their database on an encrypted volume.
We recommend that users install the server in such a way that it will only serve pages over HTTPS. This makes sure that the passwords are not visible to anyone while in transit, it also ensures that they have not changed in transit.
Okay, relax, no need for exclamations. We host our documentation on GitHub in the built in Wiki section. You can view the latest documentation, and make edits where appropriate, by visiting this page. Your changes will be packaged up along with the next release of RatticWeb.