Security at TeleBot Host
Last Updated: December 8, 2025
We take the security of your bots, data, and access seriously. This page explains the core measures we use to help keep your projects safe.
Infrastructure Security
- Encrypted data transmission (HTTPS/TLS) across our dashboard and APIs wherever applicable.
- DDoS mitigation and rate limiting to reduce the impact of abusive or automated traffic.
- Resilient cloud hosting with redundancy and regular monitoring of system health.
- Ongoing security updates, patching, and server hardening practices.
Bot & API Protection
- Per-bot token isolation to limit the impact of compromised credentials.
- Built-in API flood control designed to reduce Telegram flood risk and abuse.
- Automatic update delay mechanisms (such as small delays between updates) to help prevent spam-like behavior.
- Sandboxed execution environment for TBL code to separate bot logic from core platform systems.
User Data Safety
- We do not store full bot conversations for analytics or marketing purposes.
- Authentication sessions are handled with secure, hashed tokens.
- Bot tokens are stored using industry-standard encryption and access controls.
- We do not sell your personal data; limited sharing only occurs as described in our Privacy Policy.
Internal Safety Controls
- Automated detection of suspicious patterns, potential abuse, or high-risk behavior.
- Real-time monitoring of platform performance and critical security events.
- Abuse and spam protection aligned with our Acceptable Use Policy.
- Strict access control and least-privilege principles for internal tools and sensitive operations.
Your Responsibility
- Keep your bot tokens, API keys, and account credentials secret and never share them publicly.
- Revoke and rotate tokens immediately if you suspect a leak or compromise.
- Follow our Acceptable Use Policy to avoid abuse and security risks.
- Regularly review your bot’s behavior, logs, and permissions.
TeleBot Host