Hi all,
We’re currently receiving the following HTTP header from cloudflare:
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
… however, a security audit company has recommended we use the enforce
flag, and extend the max-age
.
i.e.
expect-ct: enforce, max-age=7776000, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Is this something we can configure in CloudFlare?
(I’ve had a look through the SSL/TLS options and couldn’t find anything.)
Kind regards,
Nick