Mixed SSL mode: Full AND Flexible (for different subdomains)

fastcatch · February 10, 2020, 10:34am

I have some of my subdomains with origin-side TLS support (with good reason, and so that SSL mode can and should be set to Full or even higher) but some others are served as HTTP-only (and I have not found a way to properly secure them with TLS; they are not very security sensitive so I don’t mind that much).

I have not found a way to tell Cloudflare to use different SSL/TLS settings per DNS entry (or per subdomain in any way). Anything I’m missing / Is it possible at all? If not, what is the best practice in this case?

Thanks!

OliverGrant · February 10, 2020, 11:19am

@fastcatch,

You can use page rules to change the SSL mode.

— OG

domjh · February 10, 2020, 11:21am

Hi @fastcatch,

There is a tutorial on this:

You are probably already aware Deprecated - Why flexible SSL mode is not the best choice.

fastcatch · February 10, 2020, 11:48am

Thanks, I’ll read it up.

system · March 11, 2020, 10:34am

This topic was automatically closed after 30 days. New replies are no longer allowed.

Topic		Replies	Views
Setting up a SSL/TLS encryption mode for each subdomain Security	3	5648	May 15, 2020
Mixed SSL Mode? Security	9	2072	January 27, 2020
Is it possible to change the encryption mode for a single server? Security	5	2660	May 13, 2020
Deprecated - Setting SSL/TLS Mode using Page Rules Tutorial Tutorials	0	10322	September 29, 2019
SSL vs Page Rule SSL Security dash-ssl-tls	3	2831	July 27, 2019

Mixed SSL mode: Full AND Flexible (for different subdomains)

Related topics