Pacharapol Withayasakpunt

Posted on Jun 16, 2020

SSL for custom domain on free-tier Heroku can be done with proper Cloudflare settings

#heroku #cloudflare #webdev #security

In short, you don't need an SSL certicate on Heroku at all, but

Cloudflare settings need to be

SSL/TLS encryption mode is Flexible.
Page Rules. You can only set 3 for free for a given domain name.
- *.your.tld/*
  - Always Use HTTPS

It is related to this post, where he uses WordPress (and the correlated MySQL / AWS S3.)

Complete Guide To Hosting Wordpress On Heroku With SSL Certification

aryaziai ・ May 26 ・ 7 min read

#heroku #wordpress #cloudflare #hosting

I am going to ditch Google Cloud Run for Heroku for now. I still get full power of Docker, with no problem of custom domain mapping (and avoid some meager payment, not free).

This website, with CORS-enabled public OpenAPI, actually. (Some other securities I put in are Helmet and Rate-Limiting, as well as database user being read-only.)

patarapolw / jpapi

An OpenAPI for Japanese with CORS enabled with full MongoDB query language

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Top comments (1)

Irvan Fauziansyah • Dec 13 '20

Thanks dude, you really saved my day! After hours of setting up custom domain and SSL, I was almost frustrated to find this message from my last hope.

▸ You need to be running on either Hobby or Professional dynos to be able to use SNI SSL.

Mastering Productivity: 10 Effective Ways to Be Productive at the Workplace

Soft Heart Engineer - Dec 2 '24

7 Must-Try Open-Source Tools for Python and JavaScript Developers 🚀

Arindam Majumder - Dec 12 '24

Beyond the Hype: Four GameFi Trends Set to Redefine Gaming

Paul Osadchuk - Dec 1 '24

Virtual Reality in Web Development: Crafting Immersive Experiences with WebVR

Okoye Ndidiamaka - Dec 1 '24

DEV Community