Illustration of a quantum computer with multiple locks and an SSL certificate.

Cloudflare Header Tips

I am pretty sure any developer would have known about cloudflare.

Be it for Hosting, Ai, Storage, Mail, Security, Infra, Tunnels, DNS etc.

When you are a guy who uses free stuff to get things done for you, you cannot pay for things that you want, but also cannot stop from getting good things.

Not everyone gets all good things done for free.

Having our own server to host things has our own good and bad.

I do not have my own server, i am using github actions.

I want all good things in security. In the context of this one its SSL

One of the most used SSL Tester for testing site SSL security is

It is kinda hard to get a A+ if you are using free services for hosting as all do not see and work based on this

I use different free hosting server and Cloudflare for DNS and SSL as well. I got D on this when i was first testing. I was really shocked on how low secure my site was.

I was searching for ways to improve security without paying as well.

Luckily in Cloudflare i had options to add Headers i want within the cloudlfare itself. It allows me to set header like i have a own server and doing my own hosting.

It also gives me option to add some recomended security headers by with just one click

These are some of the basic and much needed security headers which no one knows when using cloud flare and also cloudflare does not enabled it by default for some reason.

This can be found after logging into your account and > Select domain > Rules > Transform Rules > Managed Transforms

These are quiet necessary and increases security by a lot

If you want anyone who access the site to have extra security or if you need to add some headers then you can add them with the following option

This can be found after logging into your account and > Select domain > Rules > Transform Rules > Modify Response Header

You can see i have added some as per my need. You can configure what best suits you as per your need.


Leave a Reply

Your email address will not be published. Required fields are marked *