The Cloudflare Blog

Subscribe to receive notifications of new posts:

Ash Pallarito

Product Manager

HTTPS-only for Cloudflare APIs: shutting the door on cleartext traffic

2025-03-20

Security Week HTTPS API Addressing Research

We are closing the cleartext HTTP ports entirely for Cloudflare API traffic. This prevents the risk of clients unintentionally leaking their secret API keys in cleartext during the initial request. ...

Suleman Ahmad
Ash Pallarito
Algin Martin