Cloudflare CDN doesnt work properly on Wordpress website - wordpress

I set up to my wordpress website Cloudflare for CDN and security reasons.
Still all the content in my website comes from my domain. Everything looks fine. Changed the nameservers etc
When I inspect my elements all content is coming from mydomain.com/wp-content/blabla
Whats wrong?

This is expected. Since you actually setup your DNS records with CloudFlare, they serve resources from your domain. Resources should not come from CloudFlare's domain (even though they are being sent from CloudFlare servers). To verify that this is actually the case, the article below shows how to use webpagetest.org to verify that the cf-cache header is provided in the response.
https://support.cloudflare.com/hc/en-us/articles/200169556-How-can-I-tell-if-Cloudflare-is-caching-my-site-or-a-specific-file-

Related

Static assets not being served through Cloudflare CDN

So I am new to gatsbyjs and CDN's. My website is hosted on a2hosting and is going through Cloudflare, but when run a test on GTmetrix it says these files aren't going through the CDN, what am I doing wrong?
It looks like you only set the NS-Record with CloudFlare, but your A-Record is still pointing to your hosting provider directly. You need to change that record to work with Cloudflare.
Check your records:https://bhnd.io/pixelfriendly.co.za/
Check the Cloudflare documentation:https://support.cloudflare.com/hc/en-us/articles/205195708-Changing-your-domain-nameservers-to-Cloudflare
If that doesn't help, I would recommend sending Cloudflare a support request, they probably have more insights and can tell you what's wrong.

Wordpress configuration Https causes website typography confusion

After setting up the Wordpress blog, the editor configured his own domain name to the Wordpress blog he set up. When configuring Nginx at that time, he found that when configuring HTTP, the website could be accessed normally and the layout would not be messy.However, when I matched it with Https protocol, I found that the website was accessible, but the whole layout of the website was messy. When I used F12 to check the status, I found that many js files could not be loaded successfully, which led to the typographical disorder.Want to ask everybody who has encountered this kind of problem, and how to solve?Thank you!
Your browser is blocking mixed content, i.e. content served from HTTP sources to a HTTPS website. Most modern browsers do this by default for security purposes.
Here is an explanation from the Mozilla docs: "If your website delivers HTTPS pages, all active mixed content delivered via HTTP on this pages will be blocked by default."
To fix the error, just make sure all of the css and javascript files you are including from external domains are using the HTTPS protocol in the src attribute.

Why does typing https:// doesn't work?

I have a website that I'm working on to pass from http to https. A month ago, I've went through all pages on the website and changed the links in the page's content using the Wordpress CMS back-end editor. When I typed https:// in the address, I could see on the console a lot of Mixed Content errors related to links on files that I don't access to, so I passed this all to the back-end guy in my company to deal with.
Today, someone pointed out that the website is still not secure and if you type https:// it will default to http://. I've tried doing this in Chrome, Firefox and Internet Explorer, and them all default back to http://. The person that pointed this problem said that, since we already have the certificate, this should be happening because some part of the website is still not secure.
How can I find where is this issue happening?
You will need to enable the secure site feature from your hosting first the "SLL", but since you mentioned it is already enabled. then you will need to use a plugin to enforce the secure website on all pages, you can try https://wordpress.org/plugins/really-simple-ssl/

Safari redirection adding comma causing 404

I have a website running in Nginx and Cloudflare. It has several url checks and redirection. For example, when use hits example.com, they will be redirected to example.com/en/, these are done in nginx. In Chrome and Firefox they all work fine, but in Safari, when I hit example.com, it becomes:
http://example.com/en/,%20http://example.com/en/
This is causing 404. Any suggestions?.
This definitely wouldn't be coming from CloudFlare's side unless you've manually created a PageRule to redirect content on your site. If you haven't manually created a PageRule at CloudFlare though you can rule out that as the location/cause of the issue.
If you have created a PageRule at CloudFlare to redirect content I'd suggest opening a support ticket directly with CloudFlare so our support team can review your specific account settings.
p.s. I work at CloudFlare.

HTTPS redirects to totally different website?

I am doing some minor changes on my friends website. I noticed something very weird: when address is: https://websitename.com , it leads visitor to totally different website (and in address line is still https://websitename.com address, with notification about bad ssl sertificate), selling some shoes or something. http is still ok.
Site is checked for viruses, computers also, twice, and nothing is found. What could possbly cause this?
Website is hosted on Hostgator.
EDIT: I have to mention that i have address of "wrong" website. When I go to it, it shows empty page, and there is nothing on that domain. Like https://mywebsite.com is pointing to some website that is cached somewhere.
EDIT2: Also, there is a problem with google, he indexed https version of website, and found some links on "wrong" website, and indexed them too. So now, I can google https://mywebsite.com/something/shoe , and that page does not exists on http (giving 404).
i think its a hosting issue. I had similar problem with subdomains, when on one of my subdomains completely different site appeared.
Its due to on 1 server (ip) there are more than 1 domain (shared hosting) and it might be not configured properly. Ask your hosting provider support how they would explain and fix it, as this is obviously big security issue.

Resources