Company
Tools, stack, security posture (ISO 27001), continuity posture (ISO 22301) and quality posture (ISO 9001).
12 tools across 12 categories. The full WebGrow24 stack.
Frontend framework
Next.js 16
React 19 with server components, edge runtime and the App Router.
Language
TypeScript 6 strict
Strict types across the codebase. No JavaScript source files. No any.
Styling
Tailwind CSS 4
CSS variables for design tokens. Brand colours and spacing only from the token layer.
Database
Postgres 18
Drizzle ORM as the single source of truth for the schema. Migrations live in version control.
Edge
Cloudflare
HTTP/3, Brotli, image CDN with on-the-fly AVIF and WebP conversion.
Hosting
Dokploy
Self-managed production, staging and preview environments with auto-deploy on push to main.
Storage
S3 (s3.webgrow24.in)
Path-style addressing, region palitana1. Holds all media, lead magnets and admin uploads.
AI
OpenAI-compatible
Configurable via AI_API_KEY, AI_BASE_URL, AI_MODEL. We run the chatbot and the admin AI through the same interface.
Observability
GlitchTip (Sentry SDK)
Errors, logs and performance traces. Client tunnel via /api/glitchtip-tunnel bypasses ad blockers.
Cache and rate limiting
Redis
Edge runtime. In-memory fallback for the build, Redis on Dokploy for live.
Anti-spam
Cloudflare Turnstile
Privacy-friendly challenge on every public form. Honeypot field as a second layer.
Transactional email
Resend
Auto-reply on contact, welcome on newsletter signup, lead-magnet delivery.
The four pillars of our security posture.
Encrypted at rest and in transit. Role-based access control. Audit logs. Annual penetration tests.
All secrets live in environment variables. The codebase, config files and CI contain no real secrets, IPs, ports or URLs that change between dev and live.
Per-IP rate limits on every form endpoint and every public API. Privacy-friendly challenge (Turnstile) on every public form. Honeypot field as a second layer.
HSTS, X-Content-Type-Options, X-Frame-Options DENY, Referrer-Policy, Permissions-Policy, COOP, COEP. CSP with per-request nonce for inline scripts.
Severity levels (P1, P2, P3), response runbooks, weekly review of top errors and unresolved issues logged in our internal issue tracker.
Edge-rendered pages serve from the closest region. Multi-region failover for production. Backups run on the Dokploy schedule.
Every branch gets a preview URL through Dokploy. The main branch deploys to staging. Release branches deploy to production.
Every change reviewed against rules.md and specs.md. Every change passes lint, type check and tests before merge.
Drizzle schema drives migrations. Type-safe queries. No raw SQL outside the schema layer.
Home under 100 KB gz JS. Service detail under 110 KB gz. Blog post under 90 KB gz. Contact under 80 KB gz. Third-party scripts total under 50 KB gz.
RUM on every public page. Alerts when any core web vital regresses by more than 10%.
Verification documents and the full ISO/SOC 2 audit reports are available under NDA on request. Email hello@webgrow24.com.