Cloudflare HSTS + My server HSTS?


#1

OK so I just started using Cloudflare. My server has a Letscrypt SSL and I have it configured to redirect all HTTP request to HTTPS.

I also added this HSTS header:

add_header Strict-Transport-Security "max-age=15768000; includeSubdomains; preload;";

Now I would like to enable HSTS on Cloudflare as I want to use its proxy/CDN. Is this OK? Can I do this? Is it recommended I do? Anything I should worry about before I apply it?


#2

It’s OK. Cloudflare will use your HSTS configuration. If you’ve configured 4 years. CloudFlare will show four years as well


#3

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.