Security Best Practices
2 min read
Updated 1 month ago
Security on Ploi Cloud
Your applications are protected by multiple layers of security that work automatically behind the scenes.
Application Security
- Automatic HTTPS encryption for all your applications
- Environment variables keep your secrets safe (no .env that can be leaked)
- Every application gets an automatic SSL certificate.
Application Isolation
- Each application runs in its own secure environment
- Applications cannot access each other's data or resources
- Non-root execution for enhanced security
- Automatic security updates applied regularly
Network Protection
Ploi Cloud automatically provides:
- Complete isolation between applications
- Encrypted connections between your services
- Protection from external threats
- Secure build environments for your deployments
Domain Security and Validation
All custom domains go through comprehensive validation before being added to your applications:
- Format validation ensures domains follow internet standards
- DNS verification confirms the domain exists and is properly configured
- Connectivity checks verify the domain is accessible
- Prevents typosquatting and malicious domain configurations
- Ensures domains are ready for SSL certificate provisioning
This validation helps protect against domain hijacking, invalid configurations, and ensures smooth SSL certificate generation for all your custom domains.
Data Protection
- All secrets are encrypted before storage
- Secure session management
- Automatic log sanitization to prevent secret leakage