diff --git a/infrastructure/terraform/components/callbacks/locals.tf b/infrastructure/terraform/components/callbacks/locals.tf
index 514be75..d80b5b7 100644
--- a/infrastructure/terraform/components/callbacks/locals.tf
+++ b/infrastructure/terraform/components/callbacks/locals.tf
@@ -21,7 +21,7 @@ locals {
 targets = [
 for target in try(client.targets, []) : merge(target, {
- invocationEndpoint = try(target.mtls.enabled, false) ? "https://${aws_lb.mock_webhook_mtls[0].dns_name}/${target.targetId}" : "http://${aws_lb.mock_webhook_mtls[0].dns_name}/${target.targetId}"
+ invocationEndpoint = "https://${aws_lb.mock_webhook_mtls[0].dns_name}/${target.targetId}"
 apiKey = merge(target.apiKey, { headerValue = random_password.mock_webhook_api_key[0].result })
 })
 ]
diff --git a/infrastructure/terraform/components/callbacks/module_mock_webhook_alb_mtls.tf b/infrastructure/terraform/components/callbacks/module_mock_webhook_alb_mtls.tf
index 7e7badf..eb8b677 100644
--- a/infrastructure/terraform/components/callbacks/module_mock_webhook_alb_mtls.tf
+++ b/infrastructure/terraform/components/callbacks/module_mock_webhook_alb_mtls.tf
@@ -19,18 +19,7 @@ resource "aws_vpc_security_group_ingress_rule" "mock_webhook_alb_https" {
 from_port = 443
 to_port = 443
 ip_protocol = "tcp"
- description = "Allow HTTPS Client Lambda to reach mock webhook via mTLS"
- tags = local.default_tags
-}
-
-resource "aws_vpc_security_group_ingress_rule" "mock_webhook_alb_http" {
- count = var.deploy_mock_clients ? 1 : 0
- security_group_id = aws_security_group.mock_webhook_alb[0].id
- referenced_security_group_id = aws_security_group.https_client_lambda.id
- from_port = 80
- to_port = 80
- ip_protocol = "tcp"
- description = "Allow HTTPS Client Lambda to reach mock webhook without mTLS"
+ description = "Allow HTTPS Client Lambda to reach mock webhook (mTLS and non-mTLS)"
 tags = local.default_tags
 }
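Review bot: The `invocationEndpoint` host is still `aws_lb.mock_webhook_mtls[0].dns_name`, and with every target now on `https://` the caller will presumably validate the listener certificate against that AWS-generated name. The listener certificate is not visible in this hunk, so please confirm it is valid for the name the client connects to; if it is not, the usual workaround is to turn off certificate verification in the client, which would undo most of the benefit of removing plain HTTP. A comment above the line would record the requirement, e.g. `# HTTPS only: listener cert must be valid for this host name; callers must not skip verification`. The enclosing `locals` block starts and ends outside the hunk.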
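Review bot: The new description `(mTLS and non-mTLS)` on `mock_webhook_alb_https` means port 443 now also carries requests that present no client certificate, so whether the mTLS path is actually enforced depends on the `mock_webhook_mtls` listener configuration, which this hunk does not show. If that listener only forwards the client certificate without verifying it, or accepts connections without one, the mock webhook itself has to reject cert-less calls to targets with `mtls.enabled`; otherwise an mTLS test could pass without any certificate being checked. I would record where enforcement happens next to the rule, e.g. `# client cert is checked by <listener or mock webhook>; cert-less requests are valid only for non-mTLS targets`.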
@@ -102,17 +91,3 @@ resource "aws_lb_listener" "mock_webhook_mtls" {
 tags = local.default_tags
 }
-
-resource "aws_lb_listener" "mock_webhook_http" {
- count = var.deploy_mock_clients ? 1 : 0
- load_balancer_arn = aws_lb.mock_webhook_mtls[0].arn
- port = 80
- protocol = "HTTP"
-
- default_action {
- type = "forward"
- target_group_arn = aws_lb_target_group.mock_webhook_mtls[0].arn
- }
-
- tags = local.default_tags
-}