Replit provides several security features out of the box that make it easier to build secure applications.
Version control
Replit offers native version control with Git integration. Additionally, you can access file history directly in the Workspace:
- Use the History panel to see every keystroke and revert changes
- Access Git features through the Git pane
- Roll back to checkpoints when using Agent
Google Cloud infrastructure
All Replit deployments are backed by Google Cloud Platform (GCP):
- Deployments run on GCP
- Object storage uses Google Cloud Storage (GCS)
- Resource isolation between projects
- DDoS protection through Google Cloud Armor
Encrypted secrets storage
Secrets are encrypted using Google Cloud’s secure storage and are safely accessible from your application’s code.To add a secret:
- Go to the Secrets pane in your Workspace
- Select Add a new secret
- Enter a key and value
- Select Add secret
Object storage
When using Replit’s object storage:
- Files are backed by Google Cloud Storage
- Only your app can access stored files by default
- No need to worry about public access control
- Agent can set up Object Storage with advanced authentication and access controls
Replit Auth
Implement authentication without building it from scratch.Benefits of Replit Auth:
- Handles login securely
- Manages sessions
- Reduces authentication implementation errors
Secure architecture with Agent
Agent builds applications with:
- Proper separation of front-end and back-end
- Secure back-end communication with databases
- Front-end that communicates only with your back-end API