Getting Started with Cloudflare Security
Cloudflare provides a free service to encapsulate an existing website and route traffic through their infrastructure. This allows them to apply numerous defensive measures to help secure the site from a range of online risks. In this course, we'll go through the process of setting up a site in Cloudflare, assessing the security profile, then strengthening the configuration to maximize the value of the additional defenses.
What you'll learn
In an increasingly security conscious world, people are always looking for shortcuts to enhance the security profile of their websites whilst keeping cost and effort to a minimum. For new web assets, and particularly for old, this can be a high-friction and often costly process to get right. Cloudflare provides a free service that routes traffic to existing websites through their infrastructure. They've rapidly emerged in recent years to become a large player in the online world, with 5% of the globe's traffic now dependent on Cloudflare. By encapsulating a website within their service, they're able to provide services ranging from SSL-enabling sites to implementing firewall rules and security controls, all without touching the existing site. In this course, we'll look at Cloudflare's free service, which can be set up in minutes. Whether you're just trying to get SSL on your site or want to take advantage of the more advanced security features Cloudflare offers, this course is a great way to increase security in the fastest, cheapest way possible.
Table of contents
- Overview 2m
- SSL as a Premium Service 2m
- Understanding SSL on Cloudflare 3m
- Testing the Site Over HTTPS 4m
- Checking the SSL Configuration with Qualys SSL Labs 3m
- Understanding Flexible, Full, and Strict SSL 8m
- Implementing Full and Strict SSL 3m
- Forcing HTTPS with a Page Rule 3m
- Enabling HTTP Strict Transport Security (HSTS) 7m
- Summary 2m
About the author
Troy Hunt is a Microsoft Regional Director and MVP for Developer Security, an ASPInsider, and a full time Author for Pluralsight—a leader in online training for technology and creative professionals. Troy has been building software for browsers since the very early days of the web and possesses an exceptional ability to distill complex subjects into relatable explanations. This has led Troy to become an industry thought leader in the security space and produce more than twenty top-rated courses ... more