Jhonatan Arenas 🎨
Explore a curated selection of my projects and case studies that showcase my ability to turn ideas into impactful digital products.
Client For:
Internal Project
Services:
Backend API, Security Hardening, Email Delivery, TLS Configuration
https://www.iforwhile.com/contactOverview
Spring Boot backend API that receives contact form submissions from the iforwhile V1 website. It verifies reCAPTCHA v3 tokens to prevent spam and sends emails using a secured business mailbox. The API is served over HTTPS, and outgoing emails are transmitted via TLS encrypted SMTP, ensuring end to end security.
Challenges
The main challenge was combining robust anti spam validation, reliable email delivery, and a minimal public surface area in a low maintenance API.
reCAPTCHA v3 Verification
- Challenge: Blocking spam while keeping the form experience smooth.
- Solution: Server side verification of reCAPTCHA v3 with score thresholds and explicit error handling for traceability.
Secure Email Delivery
- Challenge: Ensuring encrypted delivery with high deliverability.
- Solution: SMTP over TLS with strong authentication; business sender configuration and retry handling.
API Hardening
- Challenge: Expose the smallest possible public surface and avoid abuse.
- Solution: Restricted CORS, rate limiting, payload sanitization, and deployment behind a reverse proxy with HTTPS.
Results/Conclusion:
A reliable, secure contact channel with low spam rates, clear observability, and consistent response times in production.
