Advice and help for Cloudflare SSL/TLS and HSTS and more

[naughtyking]

Hi , i will add screenshots to let you guys  understand my questions and help me.
i have Cloudflare connected to my domains.
i don't know what is the best for my kvs website , so i want you help me to know what to choose and what not.

1 - like first screenshot , what should i do here to get best use for my kvs website? should i mark or not mark squares?

2 -in second screenshot , should i use flexible or full?

3 - like third screenshot should i enable the SSL/TLS or not?

4- like the four screenshot , should i enable HTTS or not?

5- like five screenshot , should i enable HSTS or not

* about the last line ( the HSTS ) , i see that famous websites like xhamster and spankbang use HSTS and reCAPTCHA for Security.

note : i run scrap bots many website but spankbang was hard to run scrap bot and xhamster also i can not download his videos .

* i have reCAPTCHA , but i want to increase the bot fighter (anti bots) (that let bot not work or make bot very slow).

help me to fix the 5 steps

 

[hbarnetworks]

You should have https redirect enabled. If your NGINX/Apache config doesn't do that by default. Set encryption to FULL. and enable HSTS

 

However, these options have nothing to do with bots. Just with man in the middle attacks. 

[naughtyking]

22 hours ago, hbarnetworks said:

You should have https redirect enabled. If your NGINX/Apache config doesn't do that by default. Set encryption to FULL. and enable HSTS

 

However, these options have nothing to do with bots. Just with man in the middle attacks. 

Hi i dont know what do HSTS , what it do and why should i enable it?

[hbarnetworks]

6 hours ago, naughtyking said:

Hi i dont know what do HSTS , what it do and why should i enable it?

HSTS means that every connection going to your domain needs to be HTTPS. For instance, if you have an ad network on your domain that lists a random iframe that comes from an http (non-ssl) the request is blocked.