Should I scan the Railway preview URL or custom domain?
Scan the exact URL you will share publicly. Preview domains differ in headers, SSL, and caching from your production custom domain.
Railway makes backend deploys fast, but custom domains, env var hygiene, health checks, and security headers on public services need explicit verification before you share the URL.
Custom domains and certificate provisioning on Railway services.
Custom domain attached with valid TLS — not just the *.up.railway.app default.
Audit check DNS-001 · dns ssl
Redirect apex→www or www→apex consistently — avoid duplicate content.
Audit check SEO-011 · seo
Production deploys need baseline HTTP hardening before you share the URL.
No secrets in client bundles — audit NEXT_PUBLIC_* and leaked API keys in static frontend services.
Audit check SEC-020 · dns ssl
Configure HSTS and security headers at CDN or reverse proxy in front of Railway.
Audit check SEC-001 · security
Policy pages, contact signals, and checkout trust before paid or viral traffic.
Status/health page linked before announcing — Railway restarts shouldn't surprise users.
Audit check TRUST-006 · trust
Core Web Vitals and load behavior under real traffic — not just localhost.
Measure Core Web Vitals on custom domain after cold-start warmup — not preview URL.
Audit check PERF-001 · performance
FAQ
Scan the exact URL you will share publicly. Preview domains differ in headers, SSL, and caching from your production custom domain.
Free tier · No credit card · Create account
Pricing
Start free. Paid plans include a 7-day free trial — card required, cancel anytime.
First flight check
Serious founders shipping weekly
7-day free trial
Start Growth trialFunded teams with monitors & CI
7-day free trial
Start Professional trialAgencies & multi-client launches
7-day free trial
Start Agency trial