Jump to content

Advice and help for Cloudflare SSL/TLS and HSTS and more


Recommended Posts

Hi , i will add screenshots to let you guys  understand my questions and help me.
i have Cloudflare connected to my domains.
i don't know what is the best for my kvs website , so i want you help me to know what to choose and what not.

1 - like first screenshot , what should i do here to get best use for my kvs website? should i mark or not mark squares?

2 -in second screenshot , should i use flexible or full?

3 - like third screenshot should i enable the SSL/TLS or not?

4- like the four screenshot , should i enable HTTS or not?

5- like five screenshot , should i enable HSTS or not

* about the last line ( the HSTS ) , i see that famous websites like xhamster and spankbang use HSTS and reCAPTCHA for Security.

note : i run scrap bots many website but spankbang was hard to run scrap bot and xhamster also i can not download his videos .

* i have reCAPTCHA , but i want to increase the bot fighter (anti bots) (that let bot not work or make bot very slow).

help me to fix the 5 steps







Link to comment
Share on other sites

22 hours ago, hbarnetworks said:

You should have https redirect enabled. If your NGINX/Apache config doesn't do that by default. Set encryption to FULL. and enable HSTS


However, these options have nothing to do with bots. Just with man in the middle attacks. 

Hi i dont know what do HSTS , what it do and why should i enable it?

Link to comment
Share on other sites

6 hours ago, naughtyking said:

Hi i dont know what do HSTS , what it do and why should i enable it?

HSTS means that every connection going to your domain needs to be HTTPS. For instance, if you have an ad network on your domain that lists a random iframe that comes from an http (non-ssl) the request is blocked. 

  • Like 1
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...