SSL Certificate Offloading with Cloudflare
SSL offloading via Cloudflare is an effective way to improve your website’s performance and security while reducing the load on your origin server.
Essentially, Cloudflare handles the SSL termination, so encrypted traffic occurs between the visitor and Cloudflare. The connection between Cloudflare and your server can be either unencrypted or encrypted, depending on your configuration.
This approach offloads the burden of SSL processing from your web server, improving efficiency and response times.
Benefits of SSL Offloading with Cloudflare
- Reduced server load: The origin server doesn't process encryption or decryption tasks.
- Enhanced security: Cloudflare protects against DDoS attacks and includes advanced firewall features.
- Better performance: Cloudflare optimizes traffic and leverages its global CDN to improve loading speed.
How to Configure SSL Offloading on Cloudflare
1. Enable Cloudflare in UCMP Utixo
2. Enable Proxy on DNS Records
3. Choose the SSL Type in the Crypto Tab
- If your server doesn't have a valid certificate, choose "Full"
4. Check the SSL Certificate Generated by Cloudflare
Supported Ports for SSL Offloading
Cloudflare only supports HTTPS traffic on a limited set of ports. The supported ports for SSL/TLS are:
- 443 (standard HTTPS)
- 2053, 2083, 2087, 2096, 8443
Only these ports can be proxied and take advantage of SSL offloading features.
Conclusion
SSL offloading with Cloudflare is a fast and efficient way to enhance your site’s security and performance. By following this guide, you can set it up in minutes and benefit from secure and optimized connections.