Portal Home > Knowledgebase > Articles Database > Flexible SSL secure?

Flexible SSL secure?

Posted by WebHostFreak, 10-23-2013, 09:12 AM

Hi there, Cloudflare offers Flexible SSL with their Pro accounts. It enables you to use SSL without installing a certificate on the server. It secures the connection between the visitor and cloudflare but not between cloudflare and the website server. So my question is: Is this configuration secure enough?

---

Posted by serve-you, 10-23-2013, 09:47 AM

Enough for what is the question. If you are conducting any sort of transaction that should be "secure" then you should have full SSL, as the data is not being encrypted from CF back to your server. So it really only provides protection from someone sniffing traffic on the end user's network.

---

Posted by WebHostFreak, 10-23-2013, 09:56 AM

for WHMCS as an example. Payment would be processed through a third party site like paypal.

---

Posted by serve-you, 10-23-2013, 10:06 AM

See my other comment. I would want end-end encryption for that. Any data being passed between the server and CF is unencrypted. If you wouldn't do something without SSL completely, then you shouldn't use the "flexible ssl" in it's place. It's a nice option for adding a layer of security to something that doesn't already have it, but it is not a replacement.

---

Add to Favourites    Print this Article

APF to block an IP (Views: 773)

cPanel Administrators, what is your Disaster Recovery Plan (DRP) ? (Views: 768)

Best and cheap Reseller hosting with unlimited space?? (Views: 809)

Would you recommend PiWeb Hosting? (Views: 748)

PHP Variable Problem (Views: 809)