I connected cloudflare to my WordPress and enabled HTTPS flexible.
made 2 page rules
https://www.example.com/wp-login.php*
https://www.example.com/wp-admin/*
leaving SSL as flexible but disabling cache and security level
I did install two plugins
http-https-remover
https-redirection [which I disabled now]
I mistakenly changed my sit and home urls to https://example.com
so I did access with FTP to fix it back , however the www is back still can't access the website
when I disable http-https-remover the website loads the content but its not aligned .
the website it self got the following errors :
www.site.com/:8 A Parser-blocking, cross site (i.e. different eTLD+1) script, https://ajax.cloudflare.com/cdn-cgi/nexp/dok3v=f2befc48d1/cloudflare.min.js, is invoked via document.write. This MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message.See https://www.chromestatus.com/feature/5718547946799104 for more details.
but they are not effecting the look and feel of the website .
for https://www.example.com/wp-admin/
the console is empty and the page returnes 200
the http version(when I disabel ssl from cloudflare for the 2 page rules) it gives me.
"This page isn’t working
www.assesstm.com redirected you too many time"
console :GET http://www.assesstm.com/wp-admin/ net::ERR_TOO_MANY_REDIRECTS
and the network is redirecting like crazy between http and https
disabling https in all the website gives me the redirect loop in the rest of the site
also worth mentioning that I'm not able to get the debug file after defining DEBUG with true in the wp-config.php file .
tried to force ssl on admin but didn't get a solution .
those are my wordpress plugins currently
a:14:{i:0;s:19:"akismet/akismet.php";i:1;s:44:"css3-text-and-image-overlay/css3_overlay.php";i:2;s:39:"easy-google-fonts/easy-google-fonts.php";i:3;s:50:"google-analytics-for-wordpress/googleanalytics.php";i:4;s:19:"jetpack/jetpack.php";i:5;s:29:"pirate-forms/pirate-forms.php";i:6;s:43:"shortcodes-ultimate/shortcodes-ultimate.php";i:7;s:41:"sp-news-and-widget/sp-news-and-widget.php";i:8;s:27:"tawkto-live-chat/tawkto.php";i:9;s:43:"themeisle-companion/themeisle-companion.php";i:10;s:37:"tinymce-advanced/tinymce-advanced.php";i:11;s:24:"wordpress-seo/wp-seo.php";i:12;s:32:"wp-overlays/wp-overlays-lite.php";i:13;s:25:"cloudflare/cloudflare.php";}
any suggestion
You should turn off SSL at your site and at cloudflare. See if that works.
Then set dns at cloudflare to bypass the cdn (grey cloud). Get ssl going on your site, and see if it loads under https.
If all that works, you can now turn on ssl at cloudflare (FULL, not Flexible) and switch dns back to using cloudflare (orange cloud).
Also,disable SSL and clean the cache, I'm sure that out there is a plugin for WP to help to propagate ssl url's, be sure you have it too, but what fixed my problem was disabling the rocket loader, you can find it in the speed option in cloudfare.
Related
hey there i hosted my site on AWS and it was all okay when i used ssl insecure content but unfortunately i deactivated that plugin by mistake and it made me logout of my admin panel.
So, now when i try to access my dashboard by typing correct username it is not allowing me to sign in into it. please help me in this. The first image shows how my login page looks (different from each time) and a popup box that appears when i try to login in my account and after clicking on it it reverts me back to same login page. please do help me i am depressed now.
First thing, better to attach the valid SSL certificate as it's not only about your dashboard but the end-user will also face the same issue when they try to access your website.
Or if you think that you were able to access your website with that plugin, then do the following
Ssh to your instance
install the plugin from the command line that you have removed and it will start working back.
wp plugin install <plugin-name>
how-to-install-wordpress-plugins-wp-cli
This is because your wordpress site is attempting to load your assets over HTTP rather than HTTPS.
Your SSL comes back as valid when running SSL labs so there is no need to worry about your SSL being invalid.
This will come down to your site actually loading on HTTP behind the load balancer so it is not aware it should be loaded over HTTPS.
There is a small change you can make that fools your blog into believing that it should return HTTPS urls. At the top of your index.php file add the following
$_SERVER['HTTPS'] = 'on';
$_SERVER['SERVER_PORT'] = 443;
By doing this only HTTPS urls will be rendered on your site allowing it to be fully accessible as intended.
This is happening because of SSL Issue. Do the Following
Install Really Simple SSL Plugin https://wordpress.org/plugins/really-simple-ssl/
Change Site Url and Home URL Prefix from http:// to https://
Note:- Disable SSL and Install Plugin First in order to be Succesfully run it
I just migrated the my website from my old domain to new domain. Its migrated but when I am clicking on something like pages or category its redirecting me to the old site with this error:
The site can't provide a secure connection. shopskart.in sent an invalid response. ERR_SSL_PROTOCOL_ERROR
Screenshot of error message
I also did these changes in wp-conf and wp-options but still I am getting same issue. Someone said its because its forcing site to https due to SSL I had but now I don't have SSL and don't want one right now.
You probably copied the old SSL file to your new site, and it's still active. You should disable it. Also check if there's any setting (in backend or database) pointing to https in stead of http, since you won't be using a secure connection anymore (Why not? You should!). Check the htaccess file as well! If the problem still occurs try clearing your browsercache.
From where i can find the ssl file. Or code. Actually the website was created by my developer and now he refused to give the data when i asked him. So i migraded using wp plugins and dont know where he pasted the ssl certificate.
I am getting a Cloudflare error 525 in my Wordpress.
I'm working on a subdomain where the domain has https that work fine through cloudflare but the subdomain does not.
Hosting: Godaddy
The SSL certificate is UCC bought from Godaddy.
Crypto SSL in Cloudflare: FULL
I made all the changes in Wordpress mainly following these steps: force https pages wordpress
And all URLs are changed from http:// to https://.
Can anyone help me, I'm running out of ideas and I do not know what else I should do?
That error indicates that the ssl handshake is failing on the subdomain. The subdomain might be configured differently at a web-server level, or there may be Page Rules that change the behavior
https://support.cloudflare.com/hc/en-us/articles/200278659-Error-525-SSL-handshake-failed
In case someone still get this error, here is how I fixed it.
This was driving me crazy because the site was working fine and then the error started to manifest intermittently: error page shows, then by refreshing a couple of times the site loaded but with some missing images. So it was a mess.
Tried to reach out for godaddy support but it was not very useful. They checked the files, database, open ports and even changed the propagating DNS, but still the error was persisting.
At the end I tried:
Disable my ssl plugin in wordpress (really simple SSL)
Go back to http setting
In cloudflare, set the SSL setting to flexible
I found out that Cloudflare takes over the writing of the https links, so the plugin was creating a redirect loop and that was causing the handshake to fail.
I spent my whole day configuring my wordpress website to use cloudflare flexible ssl.
I use WP HTTPS plugin and cloudflare page rule to redirect http to https.
It's working very well on firefox and IE but in chrome it's saying:
The page at 'https://mrbladedesigns.com/' was loaded over HTTPS, but is submitting data to an insecure location at 'http://mrbladedesigns.com/': this content should also be submitted over HTTPS.
One more thing I want to tell you guys that now also my wordpress address and Site address is HTTP in wordpress admin settings
I removed all of the insecure content but have no idea on how to resolve this.
Any help will be appreciated!
Just disable W3 Total Cache, https cloudflare will working fine.
I actually tried this as well but with more success. From your description it sounds like you have an issue with insecure content being loaded. This happens when you load the page via https but content is loaded via http.
The ssl insecure content fixer plugin will help you with most of your problems, but other problems will have to be fixed manually by changing http references in your html code to https.
never mind I fixed it, SSL insecure didn't worked for me, the root cause of this problem was the search bar on my homepage. Here's the fix: under WP HTTPS settings at the end there's an option Secure filters. Just write /?s there and save it! Done!
On a Drupal 6 site we can't figure out why pages, other than the home page, refuse to be accessed in https. Accessing any page on the site, except the home page, immediately redirects back to itself at http.
Apache is correctly setup with a valid SSL certificate.
I'm certain its not the .htaccess file. There's no rewrite rules regarding https or port 443.
I added $conf['https'] = TRUE; to the settings.php
I installed the Secure Page module and configured it to secure the page we want, but it causes a redirection loop ending in a browser error.
No other modules that I can see relate to http vs. https
I can't find any admin settings regarding the base URL that would force this behavior.
I have a lot of experience with server admin, LAMP software, and a little with Drupal, but this one has me stumped. Any hints or suggestions would help me a lot.
Check to see if base url in settings.php is set to the http address. This can cause this behavior.