diff --git a/traefik.yml b/traefik.yml
index 52df0ac67c1a2d90ecb324a77f23e7b669d91515..f4f0bd58a6652d8b6a3dbd2d422ac61fe7c9d31d 100644
--- a/traefik.yml
+++ b/traefik.yml
@@ -11,8 +11,14 @@ services:
       - "traefik.http.routers.${NAME}.rule=Host(`${HOST}`)"
       - "traefik.http.routers.${NAME}.tls.certresolver=myresolver"
       - "traefik.http.routers.${NAME}.entrypoints=web,websecure"
-      - "traefik.http.routers.${NAME}.middlewares=hardening@docker"
       - "traefik.http.services.${NAME}.loadbalancer.server.port=9000"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.sslredirect=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.forceSTSHeader=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.stsIncludeSubdomains=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.stsSeconds=15552000"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.stsPreload=true"
+      - "traefik.http.middlewares.hardening-${NAME}.headers.referrerPolicy=no-referrer"
+      - "traefik.http.routers.${NAME}.middlewares=hardening-${NAME}@docker"
 
 networks:
   traefik: