The Crypto Tab in Nubius CloudShield allows you to configure security settings related to SSL, HTTPS, and authentication mechanisms for your domain. To access these settings:

  1. Log in to the Nubius Customer Portal.

  2. Navigate to Services → My Services.

  3. Select your Nubius CloudShield service.

  4. Click Manage Cloudflare for the domain you want to configure.

  5. Go to the Crypto Tab.

Available Security Settings

1. SSL/TLS Mode

Cloudflare offers different SSL modes to secure your site:

  • Off – No SSL encryption; the site only works over HTTP.

  • Flexible – Encrypts traffic between visitors and Cloudflare but not between Cloudflare and your origin server (useful for sites without SSL but not recommended for security-sensitive applications).

  • Full – Encrypts traffic between visitors, Cloudflare, and your origin server. Requires an SSL certificate installed on your server.

  • Full (Strict) (Recommended) – The most secure option. Encrypts all traffic and requires a valid SSL certificate on your origin server issued by a trusted Certificate Authority (CA) or Cloudflare’s Origin CA.

2. Always Use HTTPS

  • Forces all HTTP traffic to redirect to HTTPS.

  • Recommended for better security and SEO rankings.

  • If your website is not fully configured for HTTPS, enabling this may cause mixed content errors.

3. HTTP Strict Transport Security (HSTS)

  • Enhances security by forcing browsers to load your site only over HTTPS.

  • Helps prevent SSL stripping attacks.

  • Requires an SSL certificate and correct HTTPS setup before enabling.

  • When enabled, you must configure:

    • Max Age (how long browsers should enforce HTTPS-only access)

    • Subdomains (whether to apply HSTS to subdomains)

    • Preload (allows your domain to be added to global HSTS lists for stricter enforcement)

Warning: HSTS is a permanent setting in most browsers. Make sure your website works correctly over HTTPS before enabling it.

4. Authenticated Origin Pulls

  • Ensures that only Cloudflare requests are accepted by your origin server.

  • Requires an Origin Certificate from Cloudflare to be installed on your server.

  • Prevents direct connections to your server, reducing the risk of DDoS attacks and malicious traffic.

To enable Authenticated Origin Pulls, toggle the option in the Crypto Tab and install Cloudflare’s certificate on your server.

Best Practices for SSL & Security Settings

  • Use Full (Strict) SSL whenever possible for maximum security.

  • Enable Always Use HTTPS to enforce encrypted connections.

  • Configure HSTS carefully to avoid accidental downtime.

  • Use Authenticated Origin Pulls if your server is exposed to the internet to prevent unauthorized connections.

For more details, refer to Cloudflare’s Official Documentation.

If you need assistance configuring your SSL settings, contact Support via the Nubius Customer Portal.

Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

Managing DNS for Your Domains

  Accessing DNS Management To manage the DNS settings for your domain in Nubius CloudShield,...
Managing Security in the Firewall Tab

  The Firewall Tab in Nubius CloudShield allows you to configure various security settings to...
Managing Performance in the Speed Tab

  The Speed Tab in Nubius CloudShield allows you to optimize your website’s performance by...
Managing Page Rules in the Page Rules Tab

  The Page Rules Tab in Nubius CloudShield allows you to control how Cloudflare handles specific...
Managing Cache in the Caching Tab

The Caching Tab in Nubius CloudShield allows you to control how Cloudflare caches your website’s...