Advanced publishing options

Updated

Learn more about advanced publishing options like SSL, minification of HTML, CSS, JS, and secure frame headers.

You can utilize advanced publishing options to help your site load faster and protect your site from several kinds of clickjacking attacks. 

Advanced publishing options are located in the publishing dropdown in the Designer or under Site settings > Publishing tab > Advanced publishing options.

Enable SSL

SSL is enabled by default for sites created after November 14th, 2018. 

To enable SSL on a site created before that date, set Enable SSL to on, save your changes, and publish your site. 

You can toggle Enable SSL off, but keep in mind that sites that don’t use SSL may be labeled “not secure” by some browsers, strongly discouraging people from visiting your site. We strongly recommend enabling SSL. 

For security, you cannot disable SSL on sites with Ecommerce or User Accounts enabled.

Important

Each time you disable or enable SSL on a Webflow-hosted site, you’ll need to update your DNS records. Learn more about DNS records for SSL and non-SSL hosting.

Minify HTML, CSS, JS

You can minify HTML, CSS, and/or JS separately. Minifying your site’s code can help your live website load faster, but can also make your code a little harder to read. Minifying the HTML can also fix spacing issues with inline-block elements.

Good to know

You can minify HTML, CSS, and/or JS separately.

Use secure frame headers

Using secure frame headers protects your site from several kinds of clickjacking attacks by restricting where your site can be embedded. Enabling this option will add a couple of headers to your published pages to prevent the pages from being embedded in iframes.

For security, you cannot disable secure frame headers on sites with Ecommerce or User Accounts enabled.

Note

It isn’t possible to embed Webflow staging subdomains (e.g., yoursite.webflow.io) in iframes, due to Webflow staging domain security. However, if you add a custom domain or subdomain to your site, you can embed your site in iframes as long as Use secure frame headers is set to off