Blocking HTTP on Cloudflare Proxied Domain

I have Cloudflare Proxy turned on for a few DNS records for some legacy websites to redirect HTTP to HTTPS and use strong TLS encryption etc
Upguard scan revealed that HTTP is still allowed via the Public IP which makes sense.

So I block HTTP port on the AWS security group for the server network interface and now I can’t access the website via HTTPS URL anymore.

What on earth is going on?

Were you using Flexible SSL mode?

Flexible SSL connects to the origin server using HTTP. If you blocked HTTP at the origin that would stop traffic like you described.

1 Like

Oh I see, I do have flexible configured.
I have digicert certificates setup on the server already so should I just switch to full (strict)?

1 Like

Sounds like you have a perfect match with Full (strict).



Awesome thanks guys

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.