Skip to main content
Skip table of contents

Recommended Security Settings for SWA

Available for SWA Plus and SWA Premium, the initial security-related settings are conservative to accommodate a broader range of web clients. With full access to the Cloudflare® control panel or dashboard, raising the minimum TLS version or enabling HTTP Strict Transport Security (HSTS) is as simple as selecting a higher TLS version or clicking a toggle switch to enable HSTS.

The following are a list of suggested security-related settings to change or enabled:

  • Enable DNSSEC (See Cloudflare DNS dashboard app)

  • Always use HTTPS (see Cloudflare SSL/TLS dashboard app)

  • Enable HSTS (see Cloudflare SSL/TLS dashboard app)

  • Set Minimum TLS 1.2 Version (see Cloudflare SSL/TLS dashboard app)

  • Enabling TLS 1.3 (see Cloudflare SSL/TLS dashboard app)

  • Enable Automatic HTTPS Rewrites (see Cloudflare SSL/TLS dashboard app)

  • Enable WAF (See Cloudflare Firewall dashboard app)

  • Enable Email Address Obfuscation (See Cloudflare Scrape Shield dashboard app)

  • Enable Server-side Excludes (See Cloudflare Scrape Shield dashboard app)

  • Enable Hotlink Protection (See Cloudflare Scrape Shield dashboard app)

* An SSL/TLS certificate must be installed/enabled at the origin server or shared hosting space.


JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.

Contact Support Close