No lock on my Wordpress site SSL from Cloudflare

Smokes · February 5, 2019, 3:51am

Hello, I have setup free SSL thru Cloudflare but I can’t get the lock to show up. What am I doing wrong please?

Admin · February 5, 2019, 7:08pm

If you want me to name anything that’s “wrong”, I’d say the fact that you ask us why Cloudflare hasn’t setup your SSL certificate. Cloudflare needs to set up the SSL certificate. If there are any issues, they should know why.

But I’m not sure there is any issue. Cloudflare takes up to 24 hours to setup SSL certificates for free accounts (after which it might still not work right away due to caching in your browser).

Smokes · February 5, 2019, 7:32pm

For some reason my domain keeps failing to load. It makes it hard to do edits.

As for the SSL cert, I have deleted and closed my account thru cloudflare itself and now using in the cpanel. I guess I have to wait 24 hours to see how things work out.

Smokes · February 6, 2019, 3:57am

So now I’m using Cloudflare thru cPanel. How do I make SSL use TLS use V1.2 instead of v1.0? I plan on hosting an ecommerce website.

Smokes · February 6, 2019, 6:59am

My site wont load it seems somebody is flooding it… I have removed my link out of post/profile

Admin · February 6, 2019, 6:07pm

That’s something you would need to configure through Cloudflare. But to my knowledge, they are quite quick to disable unsafe protocols and adopt new ones, so you may not need to configure anything yourself.

Smokes · February 6, 2019, 6:09pm

Well, I have CloudFlare enable thru my cPanel. When I go to it, there’s no options? Should I disable CloufFlare thru cPanel and go back to CloudFlare site itself for more control?

Smokes · February 6, 2019, 7:01pm

I keep getting:

Error 521 Ray ID: 4a4fd7e45e3dc56e • 2019-02-06 18:57:35 UTC

Web server is down

Can you help me pin point this issue? I can see this from ClouFlare. I’m not sure what the issue is.
https://community.cloudflare.com/t/community-tip-fixing-error-521-web-server-is-down/42461

Smokes · February 6, 2019, 7:23pm

I’m also getting:

Error 520 Ray ID: 4a4ff56db80ec56a • 2019-02-06 19:17:52 UTC

Web server is returning an unknown error

https://support.cloudflare.com/hc/en-us/articles/200171936-Error-520-Web-server-is-returning-an-unknown-error

Both say to consult with the host provider or administrator for assistance.

Smokes · February 6, 2019, 7:50pm

These errors are making it so hard to edit anything in my website.

Smokes · February 7, 2019, 6:41am

Do we have a fix for the 520 and 521 errors please?

Smokes · February 7, 2019, 6:19pm

Will I need to disable CloudFlare until this 520 and 521 errors are resolved?

Admin · February 7, 2019, 6:29pm

I have no idea. I don’t know which website you’re talking about, so I can’t check.

Smokes · February 7, 2019, 6:49pm

https://culture420glass.ml today the 520 and 521 error is VERY bad.

Smokes · February 8, 2019, 4:09pm

Nothing on these issues? I guess I’ll disable SSL on this domain until you can get the 520 - 521 issues resolved.

MrJunior · February 8, 2019, 6:15pm

Currently I’m facing SSL Certificate issue, may I see your Encrypt tab configuration from Cloudflare?

Smokes · February 8, 2019, 8:47pm

I was using CloudFlare inside cPanel. So I don’t have anything to show you. I have disable CloudFlare though so that my site will work with out issues. I’m just waiting for the DNS to update.

Smokes · February 9, 2019, 1:12am

Hello,
How do I go to /etc/httpd/conf.d/ssl.conf and comment out the part about the virtual server 443. So that I can have my url remove https please? I want to get rid of SSL because it’s causing to much problems. I’ve already disable it from cPanel. It’s not allowing me to delete the certs though.

Admin · February 9, 2019, 4:50pm

I’m sorry for the late response.

The issue is that the IP address your website is on is currently being targeted for a DDoS attack. Because of that, the IP address had to be disabled to prevent damage to the system as a whole. The issue is being monitored, and the IP address will be re-enabled as soon as the attack has subsided.

Note that this does not mean your website specifically is the target of the DDoS attack. We host a lot of different websites on specific IP addresses, so it’s likely that another website was the target instead, and this is just collateral damage.

When you enabled Cloudflare from the control panel, an account at Cloudflare was created for you as well. From Cloudflare’s website, you can control more features offered by Cloudflare (rather than just the on/off button in the control panel).

You don’t, for a few reasons:

We don’t run an out of the box Apache server.
In our setup, SSL is not handled by Apache but by NGINX.
These settings require administrative access to the server, which would allow you to access and modify all settings of all websites of all users. So you don’t get that access on any web hosting service.
Removing such configuration would disable SSL for all websites on the entire server, not just yours.

All free hosting websites are SSL enabled by default with a shared, self signed certificate. It’s not possible to disable it (what would you like to see instead?), but you are free to not use it, of course.

Smokes · February 10, 2019, 6:55am

Not a problem.

How would I login and use this account if I don’t know the account info? Just the email.

If there was a ddos going on, then I guess I’ll have to wait it out. How long has the ddos been going on? I’ll continue to use SSL I guess in the end. After all, it was a ddos making the issues, as I suspected. I certainly hope my site was not targeted though, we can never know anyway. Thanks for your response.