Rack::SSL Force SSL/TLS in your app. Redirects all "http" requests to "https" Set Strict-Transport-Security header Flag all cookies as "secure" Usage use Rack::SSL