HTTP vs HTTPS oddity

Hello,

I have a Zero trust tunnel setup into my network. I have (4) public host names mapped to HTTPS services into my network. I just noticed that if I browser to these public hosts names using HTTP (unsecured), it works just fine. I was expecting that to be denied as I only setup HTTPS service.

What am I missing? I ONLY want to allow HTTPS connections…

The service you use doesn’t matter in that way, it’s all local connections anyway.You can use http plaintext since it’s just from the cloudflared connector → target (which in most cases is local network).

In the website in your dashboard, if you go to SSL/TLS → Edge Certificates, scroll down to 'Always Use HTTPS" and enable, it should do what you want. https://dash.cloudflare.com/?to=/:account/:zone/ssl-tls/edge-certificates

1 Like

Thank you!

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.