Dennis
1c545c93b4
Security: - Add CRON_SECRET auth to /api/cron/* endpoints - Add admin role verification to /api/admin/* routes - Add org membership check to /api/billing/usage - Add security headers (HSTS, X-Frame-Options, CSP, etc.) - Add env variable validation at startup - Add rate limiting to backend API (30 req/min per IP) Infrastructure: - Multi-stage Dockerfiles with non-root user + healthchecks - Updated cron workflow to pass CRON_SECRET header - Updated .env.example with all optional vars Smart subpage scanning: - Crawler now computes template_hash (DOM structure without content) - Scanner scans ALL unique-layout pages, not just main page - Pages with same layout (e.g. product pages) scanned only once - Deduplication by template_hash, fallback to content_hash - Main page always scanned with high priority - Re-checks subscription limits before each page scan Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
Website Monitoring Platform
This project is a modern website monitoring platform built with Next.js (App Router) for the frontend and a Dockerized Express-based Lighthouse scan worker for performance, SEO, and accessibility analysis.
Features
- Add and manage websites in a dashboard
- Trigger Lighthouse scans for any website via a button in the dashboard
- View scan results directly in the frontend
- Local development with Docker for the scan worker (Chromium included)
- Modular architecture for future automation, cron jobs, and database integration
Getting Started
Prerequisites
1. Install Dependencies
cd website-monitoring-frontend
npm install
2. Start the Lighthouse Scan Worker (Docker)
Build and run the scan worker container (from the project root):
docker-compose up --build scan-worker
This will:
- Build the worker image (installs Node.js dependencies and Chromium)
- Start the Express server on port 5001 inside the container
3. Start the Next.js Frontend
In a separate terminal:
cd website-monitoring-frontend
npm run dev