Get startedGet started for free

Securing and deploying your Typeform clone

1. Securing and deploying your Typeform clone

In the last lesson, we saw the different types of deployments on Replit. Now let's deploy our form builder using an Autoscale deployment. So we have our form application, I'm gonna open up the security scanner pane, and we're going to run a scan for vulnerabilities. This catches most of the obvious vulnerabilities that might be in your app, for example, exposing secrets or other secure information, and you can see no vulnerabilities were found. Speaking of secrets, we can also go to the secrets pane to see all of the sensitive information that we're storing. Here we can add a new secret, for example, if we wanted to integrate an external service, we didn't do that for this tutorial. You can also ask agent to add secrets to your application. So what's another way to make sure that your app is secure? Well, we can enter agent in plan mode and ask agent for a comprehensive security review. ‘Please perform a comprehensive security review of my app’. This is a great way for agent to check through your application, make sure all the logic is solid, and then provide recommendations that you can take action on. As with any tool, we're gonna do our best to build secure applications, and there are many reasons why Replit is differentiated in the way that it builds apps. For example we build full stack applications that securely access databases and secrets. That being said, as the builder, it's still our responsibility to check through our code and our application, and that's why asking agent in a plan mode for a security review can be a great step. Finally we'll talk about deploying our application. So I'll go to the deployments pane. This might be renamed to Publish by the time you see this video, and we're going to stick with the default deployment type. We'll click set up our deployment, and we'll be presented with some machine configuration settings. So what you'll see is that agent performed a security review and now has a task list that it could go through to really evaluate a lot of the different aspects of our application. Because this is a pretty complex app I won't go through that here in this course, but that's something that you might try out if you're going to productionalize this application or deploy it for other people to see. So we talked about secret scanner, we talked about using agent to perform a security review. Now we're ready to talk about deploying. So if I click deploy, which might say publish, by the time you see this course, we'll be presented with four options. Agent's gonna recommend an option for us, here you can see Autoscale and clicking set up, your deployment will present some settings. This configures the machine power and the number of machines that will power your application. Machine power is really, if you're just a hobbyist, building an application, not super important, so we can kind of lower this. If you're deploying something that you expect a lot of people to see, you might consider raising the machine power. Again, our documentation has some more information on that. The max number of machines, as I talked about, we can scale up or down, so we can have more powerful like mini computers powering our website, and we can have more of those or less of those if we're expecting a lot of traffic. This application won't get a lot, so I'm just gonna use one machine. I'm gonna approve those settings and now I'll be presented with a deployment pane. Agent has taken care of all the setup for us here, so we just have to name it, so I'll call this ‘matts-form’, and it's gonna be live at this address ‘matts-form.replit.app’. So what we can do, scroll down, note that we're gonna create a production database upon deployment, and we can also set up our production database with our current development data if we want to carry that over. I won't do that in this example. Finally, we're gonna select Deploy. We already ran our security scan, so we should be good to go there. Then we're gonna be presented with this deployments step. Now while we're here, I wanna talk a little bit about what deploying does and how it's different from previewing. What you might have noticed is that when you're building your application, you actually get this development URL, and this development URL is a live address on the Internet. You can go to it from your phone, you could go to it from a different browser or in incognito mode and test out your application that way. But this is a temporary URL. Your application isn't live yet until you deploy it, so this is really great for testing. It's actually really great for testing on different devices, sometimes I'll use my phone or different browser window to test accounts or you know, what it looks like for other viewers. But if I wanna share my application, I have to go to deployments, select, deploy, and then proceed with a deployment. Typically deployment for an application like this takes a couple minutes and you can see it's already being promoted and should be done in a couple seconds here. So we can see that our app was deployed, and if we go to this domain. We should get exactly the same app that we just built. So I'll zoom in to make this a little bit bigger. We can test it out. [email protected] and ‘hello’. Hit Control Enter. Our app works exactly as we'd expect it to, and now the data's flowing through to our production database so we can log into this application, we deployed exactly what we just built, and now anybody can visit at the URL we specified. So end-to-end, that's the security check and deployment for our Replit application.

2. Let's practice!

Create Your Free Account

or

By continuing, you accept our Terms of Use, our Privacy Policy and that your data is stored in the USA.