Security
Protect sites and data
Allowlist Framer domains
Learn how to allowlist the domains Framer needs to work on secure corporate networks
Do I need to set up SSL for a custom domain?
Framer automatically generates SSL certificates for your custom domain, ensuring your site is served over HTTPS.
GDPR and cookies
This post has a slightly more legal tone than technical. We aim to strike the right balance in explaining our services and your responsibilities.
How our active DDoS protection works
Learn how Framer safeguards your website during external attacks.
How to add a content security policy
In this guide, we explain how to add a Content Security Policy (CSP) to your Framer site to enhance security.
How to enable DNSSEC on your domain
DNSSEC, or Domain Name System Security Extensions, is a suite of security protocols that safeguards the integrity and authenticity of DNS data.
Is Framer HIPAA compliant?
Learn whether Framer can be used in HIPAA-compliant environments.
Restricted countries
Framer complies with international sanctions, which may limit access to our services in certain regions.
Why security scans sometimes report duplicate response headers
Understanding 103 Early Hints and how Framer sends headers over HTTP/2 and HTTP/3