guides

Security Best Practices

Harden your Pyvorin deployment: secrets management, access control, and audit logging.

Published May 30, 2026

Secrets Management

Never commit thin_config.json containing license keys.
Use environment variables or Docker secrets for PYVORIN_THIN_LICENSE_KEY.
Rotate license keys quarterly via the dashboard.

Access Control

Restrict access to ~/.pyvorin/cache and ~/.pyvorin/usage with filesystem permissions.
Run Pyvorin under a dedicated service account in production.

Audit Logging

Enable verbose logging for compliance:

export PYVORIN_LOG_LEVEL=DEBUG
pyvorin run script.py

Network Security

Use HTTPS-only API endpoints (default).
Pin TLS certificates in high-security environments.
Verify the API base URL matches https://api.pyvorin.com.

Source Code Upload

Keep PYVORIN_THIN_SEND_SOURCE=0 (default) in production.
Enable source upload only in isolated debug environments.