I have tried flexible SSL settings - currently on Full with a Letsencrypt cert on the server - but my web app does not load - I can see the requests on the server - there are no errors in the logs - no HTML is returned.
That is generally not a good idea as that legacy mode (together with Full) will not only drop all encryption from your site but will also break your site.
For starters, switch to Full Strict and verify if the site loads fine. If it does not, pause Cloudflare to verify if the site loads without Cloudflare. If it does not, you need to contact your host.
So when I do this (with LE cert on the server) my php file with phpinfo() call no longer loads - with flexible settings AND no LE cert on the server the phpinfo file works.
However the main app does not work at all its like index.php is not handling the requests for pretty URL handling like going to /user/login etc etc
Thanks Sandro for getting back - and sorry for late reply
That suggests your server is not properly configured.
Keep Cloudflare paused until the site loads fine on HTTPS and talk to your host (or whomever is responsible) to fix the site. Once it loads fine on HTTPS you can unpause and will also work on Cloudflare.
I have paused CF now - the server was working fine prior to enabling CF - Im testing on my demo app at the moment - so w/CF paused the site comes back and I get my login page for the app
Yeah, I do get a blank page as well, however based on the response headers, that should still be served by your server. There was recently a similar posting, where the user also had an issue with the origin serving different content and that was apparently an issue with the server configuration. After restarting it worked fine.
I would try restarting the service, if that still does not work, you’ll need to go through the server logs.
Nope no TM or LB setup - I rebooted the server still same - no errors in logs and can see the requests in apache access - even bogus requests return 200 response
If the requests reach your server, it’s definitely a server issue. I am afraid you can only debug the Apache and PHP setup. Cloudflare sends the same host header, so it should reach your virtual host. Apart from that, it could only be that your code does not like the Cloudflare IP addresses or something about the headers.
SSL is not the issue, your server has a valid setup, just make sure you have Full Strict selected.
The issue here will be something either with your Apache setup or the PHP code. Either it does not like the Cloudflare IP addresses (rate limiter?) or something about the headers, but unfortunately that you can only determine with good old debugging