I’m new to CF and just starting to test things out with one domain on the free plan.
So far I have a reverse proxy that routes all incoming requests to two servers, if the request URL has the form “domain.com/", the reverse proxy routes it to a web server, and if the request URL has the form "app.domain.com/”, the proxy routes it to an application server on a different machine.
I want all traffic to be HTTPS, therefore in Cloudflare’s dashboard under “Crypto”, I configured the SSL option to be “FULL STRICT”, I selected the option to “always use HTTPS”, and I also created a free TLS certificate signed by CF and installed it in my reverse proxy.
To verify that all communication is being encrypted I ran wireshark to capture the packets between my browser and the App, and to my surprise some packets are being sent/received over HTTP. Moreover, the packets exchanged are not between the browser and the reverse proxy, but between the browser and some sort of Cloudflare’s server (when I tried to open the IP address in the browser I got a message: Error 1003, Direct IP Address not allowed and some Cloudflare Ray Id)
I would like to know: what exactly are these Ray Id server? what kind of data is being sent over HTTP? and is there some mistake or security issue in this configuration?