Security
QuzenixCron executes arbitrary HTTP requests on your behalf — security is a core concern. Here's what we lock down on our end, and what we recommend on yours.
SSRF Protection
Server-Side Request Forgery (SSRF) is an attack where a malicious actor uses your server to reach internal endpoints — localhost, cloud metadata services, internal IPs. QuzenixCron blocks the following targets:
- Hostnames
localhost,127.0.0.1,0.0.0.0,::1 - AWS metadata endpoint:
169.254.169.254 - GCP metadata:
metadata.google.internal - Private IP ranges:
10.0.0.0/8172.16.0.0/12192.168.0.0/16- IPv6 private (
fc00::/7,fe80::/10)
Validation happens at two layers: when you create the job (form input), and again in the executor right before the request fires — defense in depth.
Protocol Restriction
Only http:// and https:// are accepted. No file://, ftp://, gopher://, or any other scheme that could be used to reach internal services.
Body & Header Size Limits
body: max 100 KB per requestheaders: max 8 KB total (all keys and values combined)
These limits protect against resource exhaustion attacks and keep database storage reasonable.
Request Timeout
Per-job timeout of 1–120 seconds (default 30). If a target is slow or hangs, the request is aborted and the worker moves on — this protects against malicious endpoints that deliberately delay responses.
Atomic Job Claim
Each scheduled run is claimed atomically — first writer wins. Even if multiple scheduler ticks run in parallel, every scheduled run executes exactly once.
Credential Storage
- User passwords: securely salted and hashed — never stored in plain text
- Cron job headers (e.g., bearer tokens): protected by row-level access control — only the owning account can read them
- All traffic is encrypted in transit (TLS only)
Reporting a Vulnerability
Found a security issue? Email quzenix.official@gmail.com with details. We'll get back to you within 48 hours.