Security

Security and privacy are at the heart of Korta. Here is how we protect your links and your visitors.

Destination scanning

Every destination is checked automatically against threat databases (Google Web Risk). Known malicious links are blocked; a link that has not been checked yet shows a warning page before opening, instead of redirecting blindly.

Check before opening

Anyone can inspect a link before clicking: real destination, domain and safety verdict, without leaving Korta. Any suspicious link can also be reported in one click.

Protected links and expiry

Protect a link with a password, or let it expire automatically. Anonymous links vanish after 7 hours by default, and you stay in control of how long your links live.

No tracking, no IP

No advertising cookies or third-party trackers, and your IP address is never stored. The details are in our privacy policy.

Passwordless sign-in

Korta uses a magic link sent by email: no password to remember, and none to steal.

Hardening

All traffic goes over HTTPS, a strict Content Security Policy (CSP) is enforced, and link creation is rate-limited to prevent abuse.