I have Cloudflare Proxy turned on for a few DNS records for some legacy websites to redirect HTTP to HTTPS and use strong TLS encryption etc
.
Upguard scan revealed that HTTP is still allowed via the Public IP which makes sense.
So I block HTTP port on the AWS security group for the server network interface and now I can’t access the website via HTTPS URL anymore.
What on earth is going on?
Were you using Flexible SSL mode?
Flexible SSL connects to the origin server using HTTP. If you blocked HTTP at the origin that would stop traffic like you described.
Oh I see, I do have flexible configured.
I have digicert certificates setup on the server already so should I just switch to full (strict)?
Sounds like you have a perfect match with Full (strict).
Yes.
Awesome thanks guys
This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.