Hyperflow for Enhanced Security

Enhance the security of your Webflow-hosted site with a full complement of security headers

Webflow offers basic website security through SSL, but the header configuration options are generally quite limited.

Hyperspeed gives you the ability to add these secure header configurations to your site.

Secure Headers

HSTS (HTTP Strict Transport Security)

HSTS enforces secure connections to your website by automatically redirecting HTTP requests to HTTPS. This prevents man-in-the-middle attacks and ensures data integrity and privacy.

Jul-2024 - HSTS headers have been added to Webflow,

Control over Access-Control-Allow-Origin

The Access-Control-Allow-Origin header manages which domains can access your resources. By configuring this header, HyperSpeed restricts resource access to specified origins, protecting your site from malicious cross-origin requests and reducing the risk of data leaks.


Permissions-Policy, previously known as Feature-Policy, controls which web features and APIs can be used in the browser. By setting policies such as geolocation, camera, and microphone, HyperSpeed limits the capabilities that can be exploited by malicious scripts and IFRAME-embedded content, enhancing your site's security and user privacy.

For example, this would block camera use entirely;

Permissions-Policy: camera=()

While this would restrict use to specific origins

Permissions-Policy: camera=(self "https://www.mysite.com")


The Referrer-Policy header controls the amount of referrer information sent with requests. By configuring it to strict settings, HyperSpeed minimizes the risk of leaking sensitive URL data to third-party sites, maintaining the confidentiality of your users' browsing history and interactions on your site.

Each of these headers plays a crucial role in strengthening your website's security, ensuring a safer experience for your users and protecting your site from various web threats. HyperSpeed simplifies the management of these headers, allowing you to focus on your core business while maintaining robust security.

A Webflow-hosted site with these security headers added.

Contact us

Do you need this feature on your site?

We love working with great clients, and building great systems. Give us a shout.

Your submission has been received!
We'll reply as soon as we can.
Oops! Something went wrong while submitting the form.

Frequently Asked Questions (FAQs)