Skip to content

Only accept HTTPS request for an entrypoint #6034

@BirkhoffLee

Description

@BirkhoffLee

Do you want to request a feature or report a bug?

I searched in the documentations / issues, and I think this is more of a feature.

What did you expect to see?

For example, traefik runs on 1.2.3.4. There's only 1 entrypoint that listens on :443.
curl -vk https://1.2.3.4 is totally fine, but when you do curl -v http://1.2.3.4:443, it still works.

This can bypass, for example, the TLS client certificate authentication. I'm not sure if this is actually intended, and I think it would be good to have an option to explicitly specify that an entrypoint should only accept HTTP/HTTPS requests.

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions