Work02 — FeaturedAccessibility · Germany

BarriereHilfe.

A secure, 3-tier accessibility compliance ecosystem delivering zero-dependency WCAG solutions at scale.

Visit Live Project
CLIENT
BarriereHilfe
ROLE
Full-Stack Architect & DevOps Lead
YEAR
2025
DURATION
June 2025 - Nov 2025
STATUS
Completed
barrierehilfe
§01 — OVERVIEW
BarriereHilfe is a state-of-the-art digital accessibility platform designed to bring websites into full WCAG (Web Content Accessibility Guidelines) compliance instantly. Built as an interconnected, distributed 3-tier system, the architecture comprises a high-performance Next.js marketing and auditing interface, a zero-dependency vanilla JavaScript accessibility widget served securely via a custom CDN, and a robust PHP administration dashboard. The entire platform enables corporate and government clients to easily integrate accessibility controls on their websites by pasting a single script tag, while allowing administrators to customize, restrict, and manage widgets centrally.
§02 — CHALLENGE

Ultra-Lightweight Multi-Tenant Script Delivery

The accessibility plugin is injected into third-party client websites, meaning it must load instantly without introducing external frameworks, dependencies, or slowing down the host website's page speed. It needed to dynamically fetch tenant-specific display configurations on the fly.

CDN Origin Protection & Bandwidth Security

Because the plugin is loaded via a public CDN script on 'cdn.barrierehilfe.de', it was highly vulnerable to bandwidth theft, unauthorized domain hotlinking, and script injection. The CDN needed strict origin security rules to restrict script loading exclusively to licensed client domains.

Distributed Legacy-Modern Interoperability

Seamlessly coordinating real-time configuration syncs between a legacy-compatible PHP administrative back-end, a modern React/Next.js frontend, and a native Vanilla JS client-side widget required secure, lightweight APIs and high-availability container routing.

§03 — THE BUILD
barrierehilfe
barrierehilfe
barrierehilfe
Centralized PHP administrative control dashboard showing custom WCAG styling configurations
§04 — APPROACH
I architected the platform's core to separate concerns strictly across three distinct stacks. For the plugin itself, I wrote native, highly optimized Vanilla HTML, CSS, and JS, ensuring it fits under 20KB and bypasses any framework overhead. To secure the assets, I configured strict CORS policies, HTTP origin headers, and domain-restricting referer protections on the CDN to forbid unauthorized requests. I then designed secure REST API endpoints between the PHP administrative dashboard and the CDN to stream custom client configurations. Finally, I deployed the entire distributed network onto a Kubernetes (K8s) cluster with custom Ingress configurations, auto-scaling horizontal pods, and containerized Docker environments for maximum high-availability and zero-downtime rolling releases.
STACK
Next.jsPHPVanilla JSCDNKubernetesDocker
§05 — OUTCOMES
3-Tier
Interconnected Systems (Next.js + PHP + Native CDN)
<45ms
Average CDN Widget Initial Script Latency
100%
WCAG AA/AAA Technical Compliance Standard
K8s
High-Availability DevOps Infrastructure
NEXT PROJECT
03 / 4
Kodschul

Empowering enterprise teams and developers through hands-on, high-impact IT and AI training.