HSTS and CDN Configuration
HSTS and CDN Configuration
Configuring HSTS with CDN providers:
// CloudFlare Page Rules
{
"url": "https://example.com/*",
"actions": {
"always_use_https": "on",
"strict_transport_security": {
"enabled": true,
"max_age": 31536000,
"include_subdomains": true,
"preload": true
}
}
}
// AWS CloudFront Response Headers Policy
{
"ResponseHeadersPolicyConfig": {
"SecurityHeadersConfig": {
"StrictTransportSecurity": {
"AccessControlMaxAgeSec": 31536000,
"IncludeSubdomains": true,
"Preload": true,
"Override": false
}
}
}
}