HSTS with Traefik and Docker

I’ve recently started to move the stuff I host to Docker, using the Traefik reverse proxy as the SSL termination.

Traefik is a really nice piece of software, but unfortunately while the documentation is great, it’s somewhat missing in tutorials and examples.

Among other things, I host a Nextcloud instance, and among the security suggestions, it tells me to add a Strict-Transport-Security header with a value of at least 15552000.

In my case, it was not strictly necessary as edzilla.info is already using HSTS preloading, but I wanted to follow the security suggestions to the letter.

To add the header to any host reverse proxied service, you simply have to add a label such as this:


2 Replies to “HSTS with Traefik and Docker”

    1. To be honest I have absolutely no experience with kubernetes, but from what I understand from traefik, it should work fine.

Leave a Reply

Your email address will not be published. Required fields are marked *