In transit
Use TLS and fix certificate warnings before relying on an address for daily access.
Security
Private storage with a server-readable trust model
SyncVisor keeps storage under your control, but the server can read files. That tradeoff enables previews, deduplication, compression, sharing, WebUI, WebDAV, and restore.
Trust Model
What to know before storing sensitive files
At rest
SyncVisor supports optional server-side at-rest encryption. The server remains part of the trust boundary.
Admin access
Anyone who controls the server or admin account may affect stored data and backup configuration.
Backup
Choose backup targets you control, protect credentials, and test restore before moving important files.
Tools
WebUI and WebDAV/rclone use the server trust model. Treat tool access like normal account access.
Reports
Send concise, non-public security reports with reproduction details.
Report a security issue
Email a short description, affected version, setup details, and reproduction steps. Avoid sharing exploit details publicly before we respond.
Email security report