SECURE YOUR CONNECTIONS.
Automatic SSL certificates, HTTPS enforcement, and security headers. All deployments are secured by default.
AUTOMATIC SSL
Boottify automatically provisions and manages SSL certificates for all deployments, including custom domains. No configuration required.
Let's Encrypt
Free SSL certificates from Let's Encrypt, provisioned automatically.
Auto-Renewal
Certificates are automatically renewed before expiration.
TLS 1.3
Modern TLS 1.3 protocol with strong cipher suites.
HTTPS ENFORCEMENT
All HTTP requests are automatically redirected to HTTPS. This ensures all traffic is encrypted in transit.
HTTP/1.1 301 Moved Permanently
Location: https://your-domain.com/path
# All HTTP requests redirect to HTTPS automatically
# No configuration neededNOTE: HTTP to HTTPS redirect is always enabled and cannot be disabled for security reasons.
SECURITY HEADERS
Security headers are configured in your Nginx config or Next.js headers configuration.
{
"headers": [
{
"source": "/(.*)",
"headers": [
{
"key": "X-Frame-Options",
"value": "DENY"
},
{
"key": "X-Content-Type-Options",
"value": "nosniff"
},
{
"key": "Strict-Transport-Security",
"value": "max-age=31536000; includeSubDomains"
},
{
"key": "Content-Security-Policy",
"value": "default-src 'self'"
}
]
}
]
}Using _headers file
/*
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000; includeSubDomains
/api/*
Access-Control-Allow-Origin: https://example.comCUSTOM CERTIFICATES
All deployments use Let's Encrypt certificates managed automatically by Boottify. Certificates cover both the default subdomain and any custom domains configured for your app.
Automatic Provisioning
Certificates are provisioned during deployment via DNS-01 ACME challenge.
Auto-Renewal
Certificates renew automatically before expiration.