CDN stopping SSL Subdomain



my website converted from http to https but still doesn’t showing padlock and display “insecure”. For images I have created subdomain i.e. & for subdomain also we have purchased SSL & activated it in Cloudflare CDN as well.
Can you please tell me is cloudflare preventing sudomain?, if not the please let me know how to resolve this issue.


What subdomain and domain are having issues? It’s usually a Mixed Content error.


img1.rapidleaks is my sub-domain …i am unable to upload images from my
wordpress dashboard


It looks like Wordpress has many references to http://img1… instead of https. Here’s a plugin that will help with updating the URLs (backup your site and database first!)

If you’re expecting Wordpress to upload images to your site’s subdomain, that’s not a simple task. Why not keep the media gallery as part of the Wordpress domain and serve it from there?


Serving static content like images from a sub-domain has a few benefits :

  1. If the sub-domain doesn’t set cookies, a cookie won’t get sent to the
    browser for each request made to the files on the sub-domain. Cookies are
    typically very small, so they don’t add a lot of “weight” to your page.
    They are still unnecessary for static content, and getting rid of all the
    excess “bulk” to your site is important if you are interested in a fast
    loading site.
  2. Modern web browsers can only download a certain number of
    resources from a domain at once. By creating a sub-domain to serve
    resources from, you are effectively doubling the number of resources that a
    visitor’s browser can download at once – or in parallel. For argument’s
    sake, this means that a web browser that can download two resources at a
    time will visit a page with 10 resources (images, CSS, HTML, etc.) and have
    to wait to download the first two before it can start to download the
    second two. The same goes for the third, fourth, and fifth set of
    resources. If the site is set up to serve static content from a sub-domain,
    the browser can download four resources at once by downloading two from the
    main domain, and two from the sub-domain.

that’s why i created a sub-doamin for my website


Cloudflare is going to set a cookie either way so I’m not sure a subdomain is going to make a difference and with http2 the parallelization of assets really is no longer an issue and all other things being equal with probably result in better performance using a single domain.

If those assets are being served from a unique host (and you’re not using a plan which allows resolve override) then using a unique hostname would probably still be required, but for most other scenarios I’m not sure sharding is nearly as relevant as it once was.

Remember for each unique host there is going to be a cost to the DNS lookup for that host as well. Assuming you’re using Cloudflare’s DNS that’s approximately a 15ms penalty per lookup (per DNSperf). Now some of those may be happening concurrently depending on page load/browser performance and will only be incurred once per TTL / DNS entry. And then there will also be the overhead associated with establishing a TCP & TLS connection to the host.

That’s not to say there may not be scenarios where sharding still makes sense (e.g. I have a customer who uses a unique subdomain because they are also leveraging Google’s CDN and it makes it regionally faster for us to retrieve an asset from the ‘origin’ when an object isn’t in our cache already), but it is not without a potential performance penalty of its own.