Https very low throughput, failed transfers on big files

Hi,

We recently connected a domain on cloudflare and we have assigned an origin SSL certificate from cloudflare.

This domain name points to a physical server in a datacenter and it is proxied through Cloudflare. This server receives files from our local server through http (not from a web form upload, not from a browser).

We noticed that when we use the SSL certificate (HTTPS), most of the POST requests/uploads we make fail to complete. Usually this happens with big files (200MB) or group of files. It doesn’t happen with one or two files.

We didn’t face this challenge when we switch off the HTTPS and the DNS proxy and use plain HTTP (with the domain name or the IP).

The server is running a simple web server on port 443. The underlying service is a PACS medical server.

You can read more about it here: https://www.osirix-viewer.com/ and https://www.osirix-viewer.com/Documentation/Guides/Security/index.html

We don’t use rate limiting and the security challenge level is currently set to Low (we already tried from off to high).

I have opened a ticket and the response from the support rep was that the free and pro plans have a 100MB upload size limit on POST request.

A suggestion we received was to use grey-cloud but it makes the origin SSL untrusted.

Can it work with an edge certificate instead?

We are using HTTPS rewrites, no firewall rules (the sender IP is allowed), default settings on Rules and WAF and caching is set to 30 mins.

Any suggestion would be greatly appreciated. Thanks.

This is correct. If that hostname is set to :orange:, there’s an upload size limit.

Your options are:

  1. Set that hostname to :grey:
  2. Upgrade to a Business or Enterprise Plan
  3. Modify your software to break uploads into smaller POST requests.

Hi @sdayman,

Thank you for your response.

*1. Set that hostname to :grey: *
If I switch to grey it makes the certificate untrusted (Not secure). Can I bypass it with edge certificate instead and use the :orange: ?

2. Upgrade to a Business or Enterprise Plan
Business is quite expensive for this use case, we currently have Pro.

3. Modify your software to break uploads into smaller POST requests.
Not possible unfortunately.

I am thinking that I can probably set an A record pointing to the server IP with :grey: for the communication between the two servers and another A record for the browser access of the web portal.

This topic was automatically closed after 30 days. New replies are no longer allowed.