How can I disallow these types of connections on this subdomain? It’s an R2 bucket and the TLS settings have been set like this for a long time.
R2 Custom Domains are special and ignore some of your website’s settings, including TLS Min. At the moment, I believe there is no workaround and that Security Insight can be ignored. Longer term, there was mentions of trying to inherit those settings due to PCI Compliance issues, or just defaulting to a higher version.
If you absolutely need to enforce a higher minimum TLS Version, you could use a Worker bound to your R2 Bucket to serve assets, which would respect it. You can find how to use R2 with a worker here, and you can use Render, GitHub - kotx/render: Cloudflare Worker to proxy and cache requests to R2, a library to use R2 supporting caching, range requests and more, which you can just pass the request to.
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.