Admin Dashboard
Bharat Lodge Sedam ·
Website
Live
Deployed on Vercel
WhatsApp
+91 89711
34523 — Active
Session
30:00
Auto-logout timer
Security
Checking…
Security score
Quick Actions SHORTCUTS
Setup Checklist IMPORTANT
| Website deployed on Vercel | ✓ Done |
| WhatsApp booking connected | ✓ Done |
| Google Maps embed | ✓ Done |
| Google Review link | ✓ Fixed |
| Security headers (HSTS, CSP, etc) | ✓ Active |
| Google Places API Key (live reviews) | ⚠ Pending |
| Google Place ID (live reviews) | ⚠ Pending |
| Admin password changed from default | ⚠ Change Now |
Security Audit
Real-time security status for Bharat Lodge website
HTTP Security Headers ACTIVE ON VERCEL
Strict-Transport-Security (HSTS)
Forces HTTPS for 2 years, includeSubDomains, preload
✓ Enabled
Content-Security-Policy (CSP)
Restricts scripts, styles, iframes and connections to trusted sources only
✓ Enabled
X-Frame-Options: DENY
Prevents clickjacking — no iframing of this site
✓ Enabled
X-Content-Type-Options: nosniff
Prevents MIME-type sniffing attacks
✓ Enabled
X-XSS-Protection
Browser-level XSS filter enforcement
✓ Enabled
Referrer-Policy: strict-origin
No referrer leakage to external sites
✓ Enabled
Permissions-Policy
Camera, microphone, USB, Bluetooth all blocked
✓ Enabled
Cross-Origin-Opener-Policy
Protects against cross-origin attacks
✓ Enabled
Admin Panel Security THIS PAGE
Brute Force Protection
5 attempts max → 15-minute lockout with countdown
✓ Active
Session Timeout
Auto-logout after 30 minutes of inactivity
✓ Active
Idle Warning
60-second warning before auto-logout
✓ Active
Password Hashing (SHA-256)
Password stored as SHA-256 hash, never plaintext
✓ Active
Session Token (UUID)
Unique token per session, verified on every action
✓ Active
noindex / nofollow
Admin page hidden from all search engines
✓ Active
No-Cache Headers
Browser never caches admin content
✓ Active
Default Password Changed
Change from default password to custom secure password
⚠ Change Recommended
Announcement Banner
Show a message at the top of every page. Leave blank to hide.
Banner Message LIVE ON SITE
0/120
Preview
No announcement active
Rooms & Content
Manage room names and types displayed on the website.
Room 1 — Deluxe CARD
Room 2 — Premium CARD
📸 Add More Photos GUIDE
To add more photos from your Google Business profile to the website:
1. Download photos from your Google Business account
2. Add them to the gallery section in index.html
3. Re-upload the folder to Vercel to deploy the update
Contact & Info
Update phone number, WhatsApp and address shown on the site.
Contact Details SITE-WIDE
Note: Changes here are saved locally. To permanently update the phone on the website, ask your developer to update the
BL.phone and BL.wa values in the HTML files and redeploy.Google Integration
Add your API key to show real-time Google reviews on the website.
Google Places API FREE $200/MONTH
Get free at console.cloud.google.com → Enable "Places API"
Find at: Place ID Finder → search "Bharat Lodge Sedam"
Step-by-step (takes 10 minutes, completely free):
1. Visit console.cloud.google.com → Create free account
2. New Project → Enable Places API → Create Credentials → API Key
3. Restrict key to your domain:
4. Find your Place ID using the link above → paste both here → Save
1. Visit console.cloud.google.com → Create free account
2. New Project → Enable Places API → Create Credentials → API Key
3. Restrict key to your domain:
bharatlodgesedam.vercel.app4. Find your Place ID using the link above → paste both here → Save
Change Password
Use a strong password — minimum 8 characters with numbers and symbols.
Update Password SECURITY
Enter a password
Password requirements: Minimum 8 characters · Mix of uppercase, lowercase, numbers and symbols recommended · Avoid using your name or "bharat"