@hortinstein
Created June 20, 2025 17:20

Website Audit Report: abs.bodal.dev

Executive Summary

abs.bodal.dev is a self-hosted Audiobookshelf instance, a web-based audiobook server and player application. The site is hosted on residential internet infrastructure using Ziply Fiber's network with dynamic DNS resolution.

Website Overview

  • Purpose: Audiobookshelf - Personal audiobook library management and streaming
  • URL: https://abs.bodal.dev
  • Status: Active and responsive
  • Content Type: Single Page Application (SPA)

Technical Stack

Frontend Framework

  • Primary Framework: Nuxt.js 2.25.1
  • Base Technology: Vue.js (client-side rendered)
  • Build Type: Single Page Application with client-side routing
  • Base Path: /audiobookshelf/

Web Technologies

  • HTML5: Modern DOCTYPE with semantic structure
  • JavaScript: Native ES6+ with Nuxt framework
  • CSS: Custom animations and responsive design
  • PWA Support: Progressive Web App capabilities enabled

Browser Compatibility

  • Mobile Optimized: PWA-ready with mobile web app capabilities
  • Apple Integration: iOS app-like experience with touch icons
  • Theme Support: Dark theme (#232323) optimized

Hosting Infrastructure

Network Details

  • IP Address: 50.125.95.228
  • ISP: Ziply Fiber (AS20055)
  • Location: Kirkland, WA, USA
  • Network Type: Residential/Business fiber connection
  • DNS Provider: MyNetName.net dynamic DNS service

Server Configuration

  • Web Server: Caddy (detected via headers)
  • Protocol: HTTP/2 with H3 (HTTP/3) support
  • SSL/TLS: HTTPS enabled
  • Caching: Public cache enabled (86400s max-age)

Domain Setup

  • Primary Domain: abs.bodal.dev
  • DNS CNAME: Points to hfa097gy19w.sn.mynetname.net
  • Dynamic DNS: Uses MyNetName.net for residential IP management

Security Analysis

Transport Security

  • HTTPS: ✅ Enabled
  • HTTP/2: ✅ Supported
  • Content Security Policy: frame-ancestors 'self' (basic protection; this directive only restricts which origins may embed the site in a frame)
  • Robot Exclusion: Robots noindex directive present

Application Security

  • Error Handling: JavaScript-based error detection
  • XSS Protection: Basic CSP implementation
  • Authentication: Not visible in public interface (likely behind login)

Privacy Considerations

  • Search Engine Indexing: Disabled (noindex)
  • Public Access: Appears to be intended for private use
  • Data Collection: No external tracking detected

Performance Characteristics

Loading Optimization

  • Resource Preloading: JavaScript chunks preloaded
  • Asset Optimization: Minified and chunked JavaScript
  • Caching Strategy: Public caching with ETag support
  • Progressive Loading: Custom loading screen with animation

Asset Management

  • JavaScript Bundling: 4 main chunks identified
    • 18b8e5b.js (main application)
    • 3ab87dd.js (vendor libraries)
    • 3418104.js (runtime)
    • 212bcf5.js (additional modules)
  • Manifest: PWA manifest available
  • Icons: Multiple icon sizes for different devices

Application Features

Core Functionality

  • Media Server: Audiobook streaming and management
  • Library Management: Personal collection organization
  • Cross-Platform: Works on desktop, mobile, and tablets
  • Progressive Web App: Installable on devices

User Interface

  • Responsive Design: Mobile-first approach
  • Dark Theme: Default dark color scheme
  • Loading States: Animated loading indicators
  • Error Handling: Graceful error state management

Infrastructure Assessment

Hosting Type

  • Classification: Self-hosted/Home server
  • Internet Connection: Residential fiber (Ziply Fiber)
  • Uptime Dependency: Dependent on home internet stability
  • Dynamic IP: Uses DDNS to handle IP changes

Scalability Considerations

  • Current Setup: Single server instance
  • Performance: Limited by residential connection bandwidth
  • Availability: No redundancy or load balancing
  • Geographic: Single location hosting

Risk Assessment

Technical Risks

  • Single Point of Failure: Home internet dependency
  • IP Changes: Reliant on dynamic DNS service
  • Bandwidth Limitations: Residential connection constraints
  • Power Outages: No apparent backup power solutions

Security Considerations

  • Exposure: Personal server exposed to internet
  • Attack Surface: Web application vulnerabilities
  • Update Management: Manual security updates required
  • Backup Strategy: Unknown data backup procedures

Recommendations

Security Improvements

  1. Implement Web Application Firewall (WAF)
  2. Add rate limiting for brute force protection
  3. Enable more comprehensive Content Security Policy
  4. Consider VPN access instead of direct exposure
  5. Implement automated security updates

Performance Optimization

  1. Add CDN for static assets
  2. Implement service worker for offline capability
  3. Optimize image delivery for mobile connections
  4. Add bandwidth monitoring and alerts

Infrastructure Resilience

  1. Implement automated backups to cloud storage
  2. Add UPS for power outage protection
  3. Consider secondary internet connection
  4. Set up monitoring and alerting systems

Conclusion

abs.bodal.dev represents a well-configured personal media server running Audiobookshelf. The technical implementation is modern and follows current web standards, but the residential hosting setup introduces availability and security considerations typical of home-hosted services. The owner has implemented good practices for dynamic DNS and HTTPS, making it a solid personal media streaming solution with room for infrastructure improvements.


Audit conducted on: June 20, 2025 *Methodology: HTTP analysis, DNS queries, WHOIS lookups, and web