Skip to main content
Skip table of contents

Recommended Security Settings for SWA

Available for SWA Plus and SWA Premium, the initial security-related settings are conservative to accommodate a broader range of web clients. With full access to the Cloudflare® control panel or dashboard, raising the minimum TLS version or enabling HTTP Strict Transport Security (HSTS) is as simple as selecting a higher TLS version or clicking a toggle switch to enable HSTS.

The following are a list of suggested security-related settings to change or enabled:

  • Enable DNSSEC (See Cloudflare DNS dashboard app)

  • Always use HTTPS (see Cloudflare SSL/TLS dashboard app)

  • Enable HSTS (see Cloudflare SSL/TLS dashboard app)

  • Set Minimum TLS 1.2 Version (see Cloudflare SSL/TLS dashboard app)

  • Enabling TLS 1.3 (see Cloudflare SSL/TLS dashboard app)

  • Enable Automatic HTTPS Rewrites (see Cloudflare SSL/TLS dashboard app)

  • Enable WAF (See Cloudflare Firewall dashboard app)

  • Enable Email Address Obfuscation (See Cloudflare Scrape Shield dashboard app)

  • Enable Server-side Excludes (See Cloudflare Scrape Shield dashboard app)

  • Enable Hotlink Protection (See Cloudflare Scrape Shield dashboard app)

* An SSL/TLS certificate must be installed/enabled at the origin server or shared hosting space.

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.