Security Guides
Step-by-step instructions to fix the most common issues.
How to disable source maps in production
Source maps expose your original source code to anyone. Learn how to disable them for Next.js, Vite, CRA, Astro, Vue (Nuxt), Angular, and WordPress.
How to fix API key leaks in JavaScript bundles
API keys in your frontend bundle are readable by anyone. Learn the right way to handle secrets in Next.js, Astro, Vue (Nuxt), Angular, WordPress, and PHP.
How to add security headers to your web app
CSP, HSTS, X-Frame-Options and other headers protect against XSS, clickjacking, and MIME sniffing. Step-by-step for Next.js, Astro, Vue (Nuxt), Angular, Nginx, Apache, and Vercel.
How to fix TLS/SSL issues on your site
Outdated TLS versions, expiring certificates, and domain mismatches. How to diagnose and fix TLS problems depending on your hosting.
How to fix missing SEO and meta tags
Title, description, Open Graph, canonical, robots.txt — what each one does and how to add them in Next.js, Astro, Vue (Nuxt), Angular, WordPress, and Tilda.