GSC Blocked due to other 4xx issue

What is the name of the domain?

http://www.guardiandigital.com:443/

What is the error number?

400

What is the error message?

400 Bad Request The plain HTTP request was sent to HTTPS port

What is the issue you’re encountering

GSC reports blocked due to 4xx issue

What steps have you taken to resolve the issue?

I have investigated this issue throughout the cloudflare console and unable to identify the problem. Perhaps HSTS? Perhaps there’s a way to explain to GSC that it’s not a problem?

What are the steps to reproduce the issue?

Just visit

http://www.guardiandigital.com:443/

You are asking to speak HTTP on an HTTPS port (443), the error is as you would expect.

Make sure your SSL/TLS setting is set to “Full (strict)” and not “Flexible” if this is being reported when you actually try HTTPS.

Yes, thanks. I’ll work on that converting to Full.

It was more a matter of making some type of adjustment to fix the (broken) GSC error.

Use only “Full (strict)” (“Full” does not verify your origin SSL certificate so is insecure).

Otherwise, someone else might know more about how GSC is coming up with that link.

Use only “Full (strict)” (“Full” does not verify your origin SSL certificate so is insecure).

Otherwise, someone else might know more about how GSC is coming up with that link.

Qualys reports A+ on our current cert on all four cloudflare IPs. I’m not doubting you, but what am I missing about the security of our current (letsencrypt) cert?

That test connects to the Cloudflare edge, where clients connect to Cloudflare (as your DNS records are proxied).

“Full (strict)” is required to ensure that the connection between Cloudflare and your origin is encrypted and your origin server SSL certificate validated.

See…

Long read…

This topic was automatically closed after 15 days. New replies are no longer allowed.