How to prevent someone cloning my heroku app repository?

Question

I have a nodejs app / REST API deployed on heroku,

After I read about cloning heroku app repository, I started to wonder is it safe to deploy my app on heroku? It seemed anyone could clone it freely.

So I tried to clone my app and it succeed without heroku CLI asking me to input any credential info.

Cloning the repository is just as simple as running this line:

heroku git:clone -a appname

Because anyone can see my app name by looking at Request URL through browser dev tool, does it mean they can clone it too?

how can I prevent anyone cloning my app?

Answer 1

If you can easily clone the repo with just the name, then anyone else would be able to. I don't use heroku very much, but I would suggest doing one of a few things:

1. Look into your settings and see if there are security options that prevent cloning.
2. If you are using a paid plan, look into other options. https://ovh.com offers VPSs from $3/month, and those are fully secure and can't be cloned.
3. If you are using a free plan, AWS has a free tier for some kind of VPS, so you might want to look into that.