SSL (or HTTPS) is the technology that keeps all that data sent between our users and our web server safe from prying eyes. All Heroku apps already support SSL by piggybacking on Heroku's SSL certificate (https://your-app-name.herokuapp.com
). However, unfortunately, this does not extend to any custom domains that we use for our application.
Heroku has a standard SSL add-on that we can use, but there is a simpler and more cost-effective solution—CloudFlare.
In this recipe, we'll learn how to protect our applications by enabling SSL in CloudFlare.
For this recipe, we'll need an existing Heroku application with a custom domain setup through CloudFlare. For step-by-step instructions on how to do this, refer to the previous recipe.