Secure Access Flow – Cloudflare Tunnel, Pattern Login, Cashbook Application
Impulse: Small cashbook – big security blueprint? Who’s in?
First things first:
This idea is not about the “right” programming language or database.
Whether you work with mod_harbour, classic PHP, Node, Python… – and whether your data ends up in DBF, SQL or JSON:
What really matters is the architecture:
How do we separate login/session from business logic?
How do we plug in Cloudflare Tunnel + MFA?
How do we keep everything simple enough to understand, explain and replicate?
I’m currently building a deliberately small but security-aware cashbook system and I’m wondering if this could become a nice shared “blueprint” exercise for the community.
Technical key points (simplified architecture):
The server runs only on the internal network, no direct public web access
Remote access is RDP only, secured via a Cloudflare Tunnel
Web access (if enabled at all) goes exclusively through Cloudflare with MFA (Zero Trust / Access)
The application itself:
Login via pattern login (number grid instead of a classic password)
A central login.php / login.prg (or similar) as the only authentication entry point
Feature pages (dashboard.php, cashbook…) only check the session and do not implement their own authentication
Data storage is intentionally minimal – for the learning project, JSON is enough, but the concept translates 1:1 to DBF or SQL
Technologically language- and database-agnostic:
can be implemented in mod_harbour (DBF),
in PHP with JSON or SQL,
or in any other stack – as long as the login/security concept stays the same.
The goal is not to build “the perfect accounting system”, but a small, realistic prototype that lets us:
explore session and login architecture,
experiment with Cloudflare Tunnel + MFA as an extra protection layer,
create a clear, easy-to-read reference for “secure small web apps on your own server”,
and document the process so others can benefit later.
Question to everyone:
Who would be interested in such a joint starter project?
Technology-neutral: mod_harbour (DBF), PHP (JSON/SQL), other backends – as long as the concept is shared.
Would a small, well-documented “cashbook blueprint” be useful for you as a learning and reference project?
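Added example, not part of the original post: a Python sketch of the login/session split described above, where one entry point (the role of login.php / login.prg) verifies the pattern and feature pages only check the session. The grid-pattern encoding, user store, timeout value and function names are assumptions made for illustration; the Cloudflare Access layer sits in front of this and is not modelled.

```python
import hashlib, hmac, secrets, time

IDLE_TIMEOUT = 900   # seconds of inactivity before a session dies (assumed value)
SESSIONS = {}        # server-side store: token -> {"user", "last_seen"}

def hash_pattern(pattern, salt):
    # Assumption: a pattern is the ordered list of grid cells the user selected.
    data = ",".join(str(cell) for cell in pattern).encode()
    return hashlib.pbkdf2_hmac("sha256", data, salt, 200_000)

_SALT = secrets.token_bytes(16)
USERS = {"alice": (_SALT, hash_pattern([3, 7, 1, 9], _SALT))}  # constructed sample user

def login(user, pattern, now=None):
    """The only place credentials are ever checked."""
    now = time.time() if now is None else now
    salt, stored = USERS.get(user, (b"\0" * 16, b""))  # unknown user still costs a hash
    if not hmac.compare_digest(hash_pattern(pattern, salt), stored):
        return None
    token = secrets.token_urlsafe(32)   # fresh random id on every successful login
    SESSIONS[token] = {"user": user, "last_seen": now}
    return token

def require_session(token, now=None):
    """Guard shared by all feature pages: looks at the session, never at credentials."""
    now = time.time() if now is None else now
    session = SESSIONS.get(token)
    if session is None:
        return None
    if now - session["last_seen"] > IDLE_TIMEOUT:
        del SESSIONS[token]             # expired sessions are removed, not just ignored
        return None
    session["last_seen"] = now
    return session["user"]

def dashboard(token, now=None):
    """Feature page: no authentication logic of its own, only the guard."""
    user = require_session(token, now)
    if user is None:
        return (302, "/login.php")      # send the browser back to the single entry point
    return (200, f"cashbook dashboard for {user}")

def logout(token):
    SESSIONS.pop(token, None)
```

Swapping the in-memory dictionaries for DBF, SQL or JSON files changes only the storage calls, not the split between `login` and `require_session`.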
