Mixed SSL mode: Full AND Flexible (for different subdomains)

I have some of my subdomains with origin-side TLS support (with good reason, and so that SSL mode can and should be set to Full or even higher) but some others are served as HTTP-only (and I have not found a way to properly secure them with TLS; they are not very security sensitive so I don’t mind that much).

I have not found a way to tell Cloudflare to use different SSL/TLS settings per DNS entry (or per subdomain in any way). Anything I’m missing / Is it possible at all? If not, what is the best practice in this case?

Thanks!

:wave: @fastcatch,

You can use page rules to change the SSL mode.

— OG

Hi @fastcatch,

There is a tutorial on this:

You are probably already aware Why flexible SSL mode is not the best choice.

Thanks, I’ll read it up.

1 Like