The SSL certificate has been successfully! Okay, I will go to Cloudflare’s website and use the “Always Use HTTPS” option to force visitors to HTTPS and also set the SSL option to “Full (Strict)” as you had mentioned I should do.
I had to pause my website on Cloudflare while I was trying to get all these things done to ensure my website was secured. After I’m done, I will set it back on to “Enable Cloudflare on Site.”
Oh, that’s why I thought your proxy was turned off on your DNS settings! Well, after you’ve done so, re-enable Cloudflare and wait some time!
Yeah, They told me to pause it while I was trying to get it secured. I’m sorry, I should have brought that up you and Frank419.
Do I need to turn the proxy on for the last two records?
For the last two records, the Proxy status is set to “DNS only.” Will I need to change the setting for both to “Proxied?”
Also, I want to mention that “Automatic HTTPS Rewrites”, “Always use HTTPS”, and Brotli is ON.
It is good and your site is using https smooothly.Good job!
You decide whether to change the proxy status for that CNAME record.Both would work.
For the MX record,as it was shown in the picture,there isn’t even a button.(And since you are using formspree for emails,this record doesn’t really matter.)
No need
Not advisable
As you can see, it’s not possible to enable the proxy on the MX record. Also, the MX record is invalid. It points to our old mail server (which doesn’t exist anymore), and it points to a record with the Cloudflare proxy enabled, which would prefer email from coming through even if the email server were up. The same is true for the ftp record.
So of the records shown there, please delete the first, second, and last records. Everything else is fine.
Do not enable the proxy on the CNAME record. You’ll see in the client area it specifically says to not enable them. If you enable it anyways, the CNAME record will not be detected and will not work.
Please do not use Automatic HTTPS Rewrites. All it does is hide configuration problems, and can cause very weird behavior.
Okay. I will not use that. I will delete the first, second, and last records. And will not turn proxy on the CNAME record. Is there anything else I should do?
I’ve deleted the first, second, and last DNS records. These are the three DNS records that I’m left with. The proxy was NOT turned on the CNAME record. “Automatic HTTPS Rewrites” has been turned OFF. See images below.
Is there anything else I must do to ensure the safety and security of my website?
There is nothing else you need to do for now. Anyway, the certificate you installed on the hosting account will expire in 89/90 days after its release, so you don’t have to renew it until you get an expiration warning (30 days before its expiration), then you’ll have to renew it by doing the exact same steps you did before except for adding the DNS record, pausing and resuming Cloudflare and setting the options as we told you to do.
Okay. Thank you! To summarize, the main problem with my website was that the free SSL Certificate was never issued. It was still being held in draft by Let’s Encrypt. Am I correct or is there more to it than just that?
You never checked the records status when it was on draft until you checked it when I told you to get a self-signed SSL certificate from the same page of the Let’s Encrypt certificate you were getting before that.
I did checked it before and told you and Frank419 that it was still in draft. You may not remember but I did informed you two that it was still in draft. Anyhow, it now shows that the free SSL Certificate has been issued. See image below.
Oh. And now that is issued and you installed it there is nothing to do, at least for until you get the expiral notification on your email!
I want to thank you, Frank419, and the Admin
(Owner of InfinityFree) for all the help you have given me.
You’re welcome, I’m always glad to help you whenever you need it!
This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.
