Security
We take security seriously. We work hard to protect the privacy and security of our users, visitors, and partners. We always welcome additional input into our security procedures.
Reporting security problems
Contact us directly at security@collectiveidea.com if you have urgent security concerns. You may use our public key to communicate securely with us.
We will acknowledge your concern promptly and inform you of our response. We won’t publicly disclose investigation until we can properly fix any issues. Once resolved, we will inform you and publicly acknowledge your assistance.
Note to Security Researchers
Harmony is a website hosting service. We allow arbitrary javascript and file uploads as part of hosting a website. While we will address any illegal or unethical use per our Terms of Service, we regard the ability to fully customize your own website a feature, not a bug.
Thank You
Thank you to the following security researchers and users who have responsibly reported issues to us.
- Christian Lopez (@phr0nak)
- Sabari Selvan (@EHackerNews)
- Wan Ikram (@rinakikun)
- Emanuel Bronshtein (@e3amn2l)
- Frans Rosén (@detectify)
- Yuji Kosuga (@yujikosuga)
- Shashank (@cyberboyIndia)
- Krutarth Shukla
- Kamil Sevi (@kamilsevi)
- Ajay Singh Negi (@AjaySinghNegi)
- M.R.Vignesh Kumar (@vigneshkumarmr)
- Nikhil Kulkarni (@nikchillz)
- Rafay Baloch (@rafaybaloch)
- Brandon Keepers (@bkeepers)
Also a big thanks to the Ruby on Rails Security team.