Skip to main content
Hiveku’s Site Enhancements are toggle-on features that handle the boilerplate every modern site needs — analytics, SEO metadata, security headers, PWA support, and more. 
Project > Hosting > scroll to "Enhancements"
Each enhancement can be toggled independently per environment (staging vs. production), so you can test changes in staging before shipping.

Available Enhancements

EnhancementWhat it adds
Visitor AnalyticsPage view, session, and referrer tracking. Privacy-friendly, no cookies.
Cookie ConsentGDPR/CCPA-compliant consent banner with category toggles
Security HeadersCSP, X-Frame-Options, HSTS, referrer-policy, permissions-policy
SEO EnhancementsAuto Open Graph, Twitter Card, and JSON-LD structured data
PWA Readymanifest.json, service worker, offline fallback, Add to Home Screen
AccessibilitySkip links, ARIA landmarks, visible focus styles
Made in Hiveku BadgeSmall opt-out badge in a corner of your site (hide on paid plans)

How to Enable

1

Open Hosting

From your project, click Hosting in the sidebar.
2

Scroll to Enhancements

You’ll see a grid of toggles, one per enhancement, with a short description under each.
3

Pick the environment

The page has two columns — Staging and Production. Toggle enhancements independently in each.
4

Flip the toggle

Your choice saves immediately. Some enhancements open a config drawer — cookie banner copy, PWA icon upload, analytics settings.
5

Deploy

Toggles persist, but your live site won’t reflect them until the next deploy. Click Deploy in the top bar.

Per-Enhancement Notes

Visitor Analytics

No cookies, no fingerprinting. Tracks pageviews, sessions, referrers, and basic device info. Data appears in Analytics in the sidebar. Good for compliance-sensitive sites. Shows a banner on first visit with categories (necessary, analytics, marketing). Stores the choice in localStorage. If you use third-party marketing pixels, wrap them in a category check so they respect the consent state.

Security Headers

Adds hardened HTTP headers:
  • Content-Security-Policy (CSP) — blocks unexpected scripts and iframes
  • X-Frame-Options — prevents clickjacking
  • Strict-Transport-Security (HSTS) — forces HTTPS
  • Referrer-Policy — controls what referrer info leaks
  • Permissions-Policy — locks down browser features (camera, mic, geolocation)
Security Headers can break embeds that aren’t on your allow-list — Stripe checkout, YouTube, Calendly, third-party widgets. Enable in staging first and check every embedded widget works before flipping on production. If something breaks, add the domain to the CSP allow-list in the enhancement’s config drawer.

SEO Enhancements

Automatically injects per-page:
  • Open Graph tags (og:title, og:description, og:image)
  • Twitter Card metadata
  • JSON-LD structured data (Article, Product, Organization depending on page type)
Page titles and descriptions come from each page’s Meta settings (see Manage Website Pages).

PWA Ready

Generates manifest.json, registers a service worker, provides an offline fallback, and enables Add to Home Screen on mobile. Upload a 512x512 icon in the config drawer.
PWA needs HTTPS to install. Custom domains with Hiveku’s auto-SSL or the default .hiveku.com subdomain both work automatically.

Accessibility

Adds:
  • Skip-to-content links at the top of every page
  • ARIA landmarks (<main>, <nav>, <header>, <footer> roles)
  • Visible focus styles for keyboard navigation
No visual change for most users — only improves screen reader and keyboard experience.

Made in Hiveku Badge

A small “Made with Hiveku” chip in a corner of your site. On free plans it’s on by default and can’t be removed. On paid plans you can toggle it off. If kept on, pick the position — left, right, or bottom.

Verifying Enhancements Are Live

After deploying, verify via browser dev tools:
1

Check response headers

Open dev tools (F12) > Network > click the main document. Look at the Response Headers section. You should see content-security-policy, strict-transport-security, etc. if Security Headers is enabled.
2

Check page source

Right-click > View Page Source. Look for Open Graph meta tags if SEO is enabled, <link rel="manifest"> if PWA is enabled.
3

Check the cookie banner

Open in incognito — the banner should appear on first visit.
4

Check analytics

Visit a page, then open Analytics in Hiveku — the pageview should register within a few minutes.

Troubleshooting

Did you deploy? Toggles persist between deploys, but changes only apply after the next build. Click Deploy.
The default Content-Security-Policy doesn’t allow all third-party domains. Open the Security Headers config and add the domains to the CSP allow-list. Common additions: js.stripe.com, www.youtube.com, calendly.com.
Open the Cookie Consent config drawer and customize the banner copy. Multi-language support is per-locale — add your translation strings under the language code.
PWA requires HTTPS and a registered service worker, both of which Hiveku handles automatically. Check: the site loads over HTTPS (not HTTP), and you’ve uploaded a 512x512 icon in the PWA config. On iOS, Add to Home Screen works slightly differently — user has to tap Share > Add to Home Screen.
Make sure each page has a Meta Title and Description set (Content > Pages > click a page > Meta). The SEO enhancement uses those values to build the tags.

What’s Next?

SEO Setup

Go deeper on meta, sitemaps, and search console

Custom Domain

Point your domain at the site