By default, Cachet can be accessed by any third-party server. This may not be ideal for security reasons, so we recommend you configure CORS to only allow access from your own domains.
You may configure your Cachet installation for CORS very easily. To blacklist everybody except one or more domains:
https://demo.cachethq.io,https://status.cachethq.io