What You Need to Know
- Passwords are scrambled before they're stored. Even we can't read them. Each password gets its own unique random code added before scrambling, so no two look alike — even if two people use the same password.
- Everything travels encrypted. When you sign in or use the site, all data between your browser and our server is scrambled using HTTPS — the same technology banks use. Nobody can intercept it.
- Sensitive files live outside the website. Database passwords, API keys, and configuration files are stored in a protected area that the internet can't reach — even if someone found the URL.
- Google Sign-In is the safest option. We never see or store your Google password. Google handles all the verification and just tells us your name and email. That's it.
- Your data stays yours. We will never sell, share, or use student or teacher information for advertising, marketing, or any non-educational purpose. Period.
- There are no hidden third-party tools. No analytics trackers, no advertising scripts, no third-party plugins that could leak data or introduce vulnerabilities. Every line of code is written and maintained by the developer.
- The site is protected by Cloudflare. Before anyone even reaches our server, Cloudflare screens for malicious traffic, blocks bots, prevents DDoS attacks, and provides our SSL security certificate.
- The database is separate from the website. Even if someone compromised the web server, the database lives on its own isolated cloud server (AWS RDS) with its own security layer — not directly accessible from the internet.
All passwords are hashed using bcrypt via PHP's password_hash() function with the default cost factor. Bcrypt is a one-way cryptographic hashing algorithm — passwords cannot be reversed or decrypted, only verified against the stored hash.
Each password is automatically salted with a unique, cryptographically random value before hashing. This means two identical passwords produce completely different hash outputs, defeating rainbow table and precomputation attacks. Bcrypt's adaptive cost factor also makes brute-force attacks computationally prohibitive.
password_hash($password, PASSWORD_DEFAULT) generates a 60-character hash stored in the database. Verification uses password_verify(), which is timing-safe against side-channel attacks. Security question answers are hashed with the same method.
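The hashing, salting and verification behavior described above, as an added PHP example (not GradeWise's own code). The function names, the sample password, the 72-byte length check and the rehash-on-login step are assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Added illustration; function names are hypothetical, not GradeWise code.

/** Hash a password or security-question answer for storage. */
function store_secret(string $plain): string
{
    // Assumption: reject input over 72 bytes, because bcrypt ignores
    // everything past that length.
    if (strlen($plain) > 72) {
        throw new InvalidArgumentException('secret longer than 72 bytes');
    }
    return password_hash($plain, PASSWORD_DEFAULT);
}

/**
 * Check a login attempt against the stored hash.
 * Returns [bool $ok, ?string $replacementHash]; the replacement is set when
 * the stored hash was made with older parameters and should be overwritten.
 */
function check_secret(string $plain, string $stored): array
{
    if (!password_verify($plain, $stored)) {
        return [false, null];
    }
    $replacement = password_needs_rehash($stored, PASSWORD_DEFAULT)
        ? password_hash($plain, PASSWORD_DEFAULT)
        : null;
    return [true, $replacement];
}

// Constructed sample input.
$password = 'correct horse battery staple';

// Hashing the same password twice: each call draws a fresh salt.
$first  = store_secret($password);
$second = store_secret($password);
printf("length=%d, hashes differ=%s\n", strlen($first), var_export($first !== $second, true));

// Right and wrong guesses against the stored hash.
printf("right=%s wrong=%s\n",
    var_export(check_secret($password, $first)[0], true),
    var_export(check_secret('wrong guess', $first)[0], true));

// A hash stored at a lower cost still verifies and is flagged for upgrade.
$legacy = password_hash($password, PASSWORD_BCRYPT, ['cost' => 4]);
[$ok, $replacement] = check_secret($password, $legacy);
printf("legacy ok=%s, rehash issued=%s\n", var_export($ok, true), var_export($replacement !== null, true));
```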
All traffic between the user's browser and GradeWise is encrypted using TLS (Transport Layer Security) via Cloudflare's Universal SSL certificate. This prevents man-in-the-middle attacks, packet sniffing, and session hijacking on any network, including public Wi-Fi.
Cloudflare enforces "Always Use HTTPS" and Automatic HTTPS Rewrites, meaning all HTTP requests are automatically redirected to HTTPS. There is no unencrypted entry point to the site.
The certificate covers gradewise.school and *.gradewise.school, and renews automatically.
GradeWise sits behind Cloudflare's global network, which acts as a reverse proxy and security layer. All traffic is screened before it ever reaches the origin server, providing protection against volumetric DDoS attacks, credential stuffing, and automated abuse.
Active protections include Bot Fight Mode (blocks known malicious bots), Page Shield (monitors for malicious scripts and connections), the Web Application Firewall (filters common attack patterns like SQL injection and XSS), and rate limiting on sensitive endpoints.
GradeWise uses Google OAuth 2.0 for sign-in, requesting only the minimum required scopes: userinfo.email and userinfo.profile. We never see, handle, or store the user's Google password. Authentication is handled entirely by Google's servers.
OAuth state parameters are generated with random_bytes(32) to prevent CSRF attacks during the authentication flow. Sessions are regenerated after login using session_regenerate_id(true) to prevent session fixation attacks.
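The state check and session regeneration described above, as an added PHP example (not GradeWise's own code). The function names, the `oauth_state` session key, the single-use handling and the use of hash_equals() are assumptions; a plain array stands in for `$_SESSION` so the walk-through runs from the command line.

```php
<?php
declare(strict_types=1);

// Added illustration; function names and the session key are hypothetical.

/** Before redirecting to Google: mint a one-time state value for this session. */
function begin_oauth(array &$session): string
{
    $state = bin2hex(random_bytes(32));   // 256 bits from the CSPRNG
    $session['oauth_state'] = $state;
    return $state;                        // sent as the `state` query parameter
}

/** On the callback: accept only the state value this session issued. */
function finish_oauth(array &$session, ?string $returnedState): bool
{
    $expected = $session['oauth_state'] ?? null;
    unset($session['oauth_state']);       // single use, even when the check fails

    if (!is_string($expected) || !is_string($returnedState)) {
        return false;                     // callback without a login we started
    }
    if (!hash_equals($expected, $returnedState)) {
        return false;                     // state does not belong to this session
    }
    // The user is now authenticated: issue a new session ID and delete the
    // old one so a pre-login ID cannot be reused.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    return true;
}

// Constructed walk-through.
$session = [];
$state = begin_oauth($session);
printf("matching state accepted: %s\n", var_export(finish_oauth($session, $state), true));
printf("same state replayed:     %s\n", var_export(finish_oauth($session, $state), true));

// A callback carrying a state value this session never issued.
$other = [];
begin_oauth($other);
printf("foreign state accepted:  %s\n", var_export(finish_oauth($other, str_repeat('0', 64)), true));

// A callback arriving on a session that never started a login.
$idle = [];
printf("unsolicited callback:    %s\n", var_export(finish_oauth($idle, $state), true));
```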
GradeWise runs on Amazon Web Services (AWS). The web application server (EC2) and the database (RDS MySQL) are separate, isolated resources. The database is not publicly accessible — it accepts connections only from the application server within the same Virtual Private Cloud (VPC).
All sensitive configuration — database credentials, API keys, encryption secrets — is stored in files in /var/www/config/, outside the public web root, protected by filesystem permissions and .htaccess rules. Direct HTTP access to these files is impossible. Directory browsing is disabled server-wide.
GradeWise includes no third-party analytics (no Google Analytics, no Meta Pixel, no Hotjar), no advertising scripts, and no embedded third-party widgets that could track users or introduce supply-chain vulnerabilities.
The entire codebase is written and maintained by the developer. External dependencies are limited to Google Fonts (typography only, no tracking), Cloudflare (security infrastructure), and the Anthropic API (for AI features — which receives only academic content, never personal identifiers like student names or emails).
Questions about security or privacy? Contact us at info@gradewise.school.
For full legal details, see our Privacy Policy and Terms of Service.