Summer might be in full swing, but we’re not slowing down! We’re excited to announce yet another roll of significant updates to our Accelerated Domains service, aimed at boosting both performance and security for your websites. Following our recent security enhancements, we’re rolling out even more improvements to ensure you have the best tools to optimize your web presence. Here’s a detailed look at what has changed and how it benefits you.
Phase 1: Enhanced Worker and HSTS Fallback Option
In the first phase of our updates, we focused on upgrading the main Worker and enhancing security protocols.
Upgraded InstantPage Scripts
We have updated the InstantPage scripts to version 5.2. This upgrade improves the speed and responsiveness of your web pages, ensuring a smoother and faster user experience. Faster loading times can lead to higher user engagement and better SEO performance.
HSTS Fallback Option
To enhance security, we have introduced a fallback option for the HTTP Strict Transport Security (HSTS) header. This ensures that even if your origin server’s HSTS settings are not configured, our system will maintain a secure connection. HSTS is crucial for protecting your site from man-in-the-middle attacks by ensuring browsers only connect to your site over HTTPS.
Phase 2: Advanced HSTS Configuration and Cloudflare Settings Update
In the second phase, we have focused on providing more flexible and advanced HSTS configuration options while updating our Cloudflare settings.
Cloudflare HSTS Settings Update
We have disabled the Cloudflare-enabled HSTS settings. Now, the HSTS settings will take precedence from your origin server, with our fallback option ensuring security if nothing is configured. This change allows for more customized control over your site’s security settings.
Advanced HSTS Configuration via .htaccess
We understand the importance of having detailed control over your HSTS settings. Our support team is available to assist you in configuring HSTS via .htaccess files. This provides you with several advanced options:
- Include Subdomains: You can include subdomains in the HSTS settings to ensure comprehensive security across your entire domain.
- Extended max_age: Set a two-year ‘max-age’ for the HSTS header to maintain long-term security.
- Preloading List: Add your domain to the browser’s HSTS preloading list, ensuring that browsers recognize your site as secure from the first visit.
For more detailed information on setting up HSTS headers, please refer to our knowledge base article.
How These Changes Benefit You
- Improved Performance: The update to InstantPage scripts ensures your web pages load faster, enhancing user experience and potentially improving SEO rankings.
- Enhanced Security: The fallback option for HSTS and the ability to configure HSTS via .htaccess provide robust security measures to protect your site and its visitors.
- Greater Flexibility: You gain more control over your HSTS settings, allowing for comprehensive and customized security configurations.
We are committed to continuously improving our services to help you achieve optimal website performance and security. If you have any questions or need assistance with these updates, our support team is here to help.
Thank you for choosing our Accelerated Domains service. We look forward to continuing to provide you with top-notch tools and support.