diff --git a/traefik3.yml b/traefik3.yml
index d56b990664ffc3da5fdaeaf1193c5bccb77f704f..3e71abcbd11236ba962c18de30d7630282e7f9d1 100644
--- a/traefik3.yml
+++ b/traefik3.yml
@@ -11,9 +11,15 @@ services:
       - "traefik.http.routers.${NAME}.rule=${HOST}"
       - "traefik.http.routers.${NAME}.tls.certresolver=myresolver"
       - "traefik.http.routers.${NAME}.entrypoints=web,websecure"
-      - "traefik.http.routers.${NAME}.middlewares=hardening@docker"
       - "traefik.http.services.${NAME}.loadbalancer.server.port=9000"
-
+      - "traefik.http.middlewares.hardening-${NAME}.headers.sslredirect=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.forceSTSHeader=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.stsIncludeSubdomains=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.stsSeconds=15552000"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.stsPreload=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.referrerPolicy=no-referrer"
+      - "traefik.http.routers.${NAME}.middlewares=hardening-${NAME}@docker"
+      
 networks:
   traefik:
     external: true