Skip to Content [alt-c]


In reply to Comment by Andrew Ayer

Reader Brian M. on 2014-12-01 at 23:28:

It's not just mixed content, but application servers that will add explicit HTTP:// links in the response body, for example. Since the server thinks it's answering via HTTP (port 80), certain behaviors are present, and need to be re-written. Including HTTP response codes. I haven't seen anything in CloudFlare's writeups that indicates their CDN will rewrite response bodies or codes to account for these kinds of behaviors.

The Full SSL option will fix a lot of this behavior because the server then thinks it's answering via HTTPS (port 443), but that takes us back to the beginning of your problem statement: it's a non-trivial task for users/admins to take action to enable the encrypted back-end connection from application server to CloudFlare. Since most of the 2 million sites CF counts are small business or "prosumer" type of sites such as blogs, then I'd wager the percentage of effective, usable sites with Flexible SSL or Full SSL isn't very high, at all.


Post a Reply

Your comment will be public. To contact me privately, email me. Please keep your comment polite, on-topic, and comprehensible. Your comment may be held for moderation before being published.

(Optional; will be published)

(Optional; will not be published)

(Optional; will be published)

  • Blank lines separate paragraphs.
  • Lines starting with > are indented as block quotes.
  • Lines starting with two spaces are reproduced verbatim (good for code).
  • Text surrounded by *asterisks* is italicized.
  • Text surrounded by `back ticks` is monospaced.
  • URLs are turned into links.
  • Use the Preview button to check your formatting.