Your secrets stay encrypted
API keys, tokens, and other secrets are encrypted with AES-256-GCM, and only unlocked when your site actually needs them.
Your secrets, your data, and the infrastructure that runs your sites are protected by deliberate, layered choices we'd be happy to walk you through.
API keys, tokens, and other secrets are encrypted with AES-256-GCM, and only unlocked when your site actually needs them.
Every site is served over HTTPS by default, whether it runs on a waibsite.app address or your own domain.
While the AI builds your site, it works in a sealed-off space of its own. It can't reach other sites or their data, so any problem stays contained there.
Every site gets its own database with its own private login, so one site can never read or touch another's data.
Your password is never stored in plain text, and email two-factor is required at every sign-in.
Your live site and its data are hosted in the European Union.
Found something that looks off? Email [email protected].