Open a PDF

Security

Security controls should match the processing mode.

Local tools reduce server exposure. Cloud, AI, OCR, and API workflows need explicit isolation, retention, and access controls.

TLS

All production traffic should use HTTPS/TLS with secure cookies where accounts are introduced.

Encryption at rest

Planned cloud jobs should use encrypted object storage and signed URLs.

Signed URLs

Future cloud files should be accessed through short-lived signed URLs, not public buckets.

Malware scanning

Uploaded files in cloud workflows should be scanned and isolated before worker processing.

Sandboxed processing

Cloud PDF workers should run with CPU, memory, time, filesystem, and network controls.

No PDF JavaScript execution

The web viewer should not execute PDF JavaScript/actions while previewing untrusted documents.

Responsible disclosure

Report security concerns to security@clearpdf.net. Include reproduction steps and affected URLs when possible.

Compliance roadmap

DPA, subprocessors, audit logging, regional processing, SSO, SCIM, and enterprise controls are Phase 3 or later.

Backend status

Security control readiness

These checks come from backend readiness data and retained-evidence gates. They do not replace live TLS, storage, malware, or deployment evidence.

  • Object storageazure-blob storage signing probe generated upload/download contracts without exposing storage secrets; live write/delete/read-after-delete evidence is still required.
    partial
  • Malware scanningOnly local/noop or signature scan behavior is expected without ClamAV configuration.
    local only
  • Worker services0/4 worker service URLs are configured; 0 active worker heartbeats advertise 0 ready operations. 0/0 required runtime binary contract(s) are locally approved. Queue-worker HTTP dispatch is blocked by 4 missing readiness item(s). Live retained worker deployment evidence is still required.
    missing
  • Queue backendQueue provider memory is configured; Redis TLS is enabled.
    configured
  • Telemetry and error reportingNo Sentry/PostHog/OpenTelemetry exporter configuration is present.
    blocked
  • Release domainConfigured public API base URL is https://api.clearpdf.net; live DNS/TLS/ingress evidence is still required.
    partial
  • Retained production evidence0 valid retained candidate manifests; 0 required evidence items missing.
    configured

Build local-build-unset; release domain api.clearpdf.net; retained evidence missing items 0.